From 5090e30fcc528be292fcb6b38a0e7f2b9e93a3e0 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sun, 16 Feb 2025 17:29:06 -0500 Subject: [PATCH] chore: remove open-vulnerability-client resolves #275 --- .github/workflows/gradle.yml | 1 - README.md | 172 +- open-vulnerability-clients/README.md | 155 - open-vulnerability-clients/build.gradle | 55 - .../openvulnerability/client/DataFeed.java | 21 - .../client/HttpAsyncClientSupplier.java | 43 - .../client/HttpClientSupplier.java | 43 - .../client/PagedDataSource.java | 70 - .../client/RecordDataSource.java | 80 - .../client/epss/EpssDataFeed.java | 63 - .../client/epss/EpssException.java | 67 - .../client/epss/EpssItem.java | 61 - .../client/epss/EpssResponseHandler.java | 69 - .../client/ghsa/AbstractPageable.java | 48 - .../openvulnerability/client/ghsa/CVSS.java | 85 - .../client/ghsa/CVSSSeverities.java | 70 - .../openvulnerability/client/ghsa/CWE.java | 165 - .../openvulnerability/client/ghsa/CWEs.java | 67 - .../ghsa/GitHubSecurityAdvisoryClient.java | 495 - .../GitHubSecurityAdvisoryClientBuilder.java | 182 - .../ghsa/GitHubSecurityAdvisoryException.java | 66 - .../client/ghsa/Identifier.java | 84 - .../client/ghsa/Package.java | 84 - .../client/ghsa/PackageVersion.java | 70 - .../client/ghsa/PageInfo.java | 108 - .../client/ghsa/RateLimit.java | 111 - .../client/ghsa/Reference.java | 70 - .../client/ghsa/SecurityAdvisories.java | 189 - .../client/ghsa/SecurityAdvisory.java | 322 - .../client/ghsa/SecurityAdvisoryResponse.java | 160 - .../client/ghsa/Severity.java | 64 - .../client/ghsa/SimpleFutureResponse.java | 46 - .../client/ghsa/Vulnerabilities.java | 70 - .../client/ghsa/Vulnerability.java | 257 - .../client/kev/KevCatalog.java | 71 - .../client/kev/KevDataFeed.java | 75 - .../client/kev/KevException.java | 67 - .../openvulnerability/client/kev/KevItem.java | 100 - .../openvulnerability/client/nvd/Config.java | 152 - .../client/nvd/CpeMatch.java | 168 - .../client/nvd/CveApiJson20.java | 193 - .../openvulnerability/client/nvd/CveItem.java | 351 - .../openvulnerability/client/nvd/CveTag.java | 131 - .../openvulnerability/client/nvd/CvssV2.java | 285 - .../client/nvd/CvssV2Data.java | 879 - .../openvulnerability/client/nvd/CvssV3.java | 271 - .../client/nvd/CvssV3Data.java | 1367 - .../openvulnerability/client/nvd/CvssV4.java | 159 - .../client/nvd/CvssV4Data.java | 2034 - .../client/nvd/DefCveItem.java | 76 - .../client/nvd/LangString.java | 92 - .../openvulnerability/client/nvd/Metrics.java | 151 - .../openvulnerability/client/nvd/Node.java | 160 - .../client/nvd/NvdApiException.java | 58 - .../nvd/NvdApiRetryExceededException.java | 58 - .../client/nvd/NvdApiRetryStrategy.java | 148 - .../client/nvd/NvdCveClient.java | 548 - .../client/nvd/NvdCveClientBuilder.java | 589 - .../client/nvd/RateLimitedCall.java | 48 - .../client/nvd/RateLimitedClient.java | 236 - .../client/nvd/RateMeter.java | 157 - .../client/nvd/Reference.java | 107 - .../client/nvd/VendorComment.java | 116 - .../client/nvd/Weakness.java | 116 - .../resources/json/cve-api-json-v2.2.0.schema | 498 - .../src/main/resources/json/cvss-v2.0.json | 103 - .../src/main/resources/json/cvss-v3.0.json | 142 - .../src/main/resources/json/cvss-v3.1.json | 142 - .../src/main/resources/json/cvss-v4.0.json | 387 - .../resources/securityAdvisories.mustache | 92 - .../resources/securityAdvisoryCwes.mustache | 25 - .../securityAdvisoryVulnerabilities.mustache | 34 - .../GitHubSecurityAdvisoryClientTest.java | 67 - .../client/ghsa/SerializationTest.java | 56 - .../client/kev/SerializationTest.java | 57 - .../nvd/NvdCveClientIntegrationTest.java | 73 - .../client/nvd/NvdCveClientTest.java | 41 - .../client/nvd/RateMeterTest.java | 48 - .../client/nvd/SerializationTest.java | 55 - .../src/test/resources/advisories.json | 912 - .../known_exploited_vulnerabilities.json | 10150 - .../src/test/resources/logback-test.xml | 15 - .../src/test/resources/nvd.json | 323565 --------------- settings.gradle | 4 +- vulnz/build.gradle | 2 +- 85 files changed, 157 insertions(+), 348987 deletions(-) delete mode 100644 open-vulnerability-clients/README.md delete mode 100644 open-vulnerability-clients/build.gradle delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/DataFeed.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpAsyncClientSupplier.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpClientSupplier.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/PagedDataSource.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/RecordDataSource.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssDataFeed.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssException.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssItem.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssResponseHandler.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/AbstractPageable.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSS.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSSSeverities.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWE.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWEs.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClient.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientBuilder.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryException.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Identifier.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Package.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PackageVersion.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PageInfo.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/RateLimit.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Reference.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisories.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisory.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisoryResponse.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Severity.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SimpleFutureResponse.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerabilities.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerability.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevCatalog.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevDataFeed.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevException.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevItem.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Config.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CpeMatch.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveApiJson20.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveItem.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveTag.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2Data.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3Data.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4Data.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/DefCveItem.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/LangString.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Metrics.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Node.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiException.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryExceededException.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryStrategy.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClient.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientBuilder.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedCall.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedClient.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeter.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Reference.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/VendorComment.java delete mode 100644 open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Weakness.java delete mode 100644 open-vulnerability-clients/src/main/resources/json/cve-api-json-v2.2.0.schema delete mode 100644 open-vulnerability-clients/src/main/resources/json/cvss-v2.0.json delete mode 100644 open-vulnerability-clients/src/main/resources/json/cvss-v3.0.json delete mode 100644 open-vulnerability-clients/src/main/resources/json/cvss-v3.1.json delete mode 100644 open-vulnerability-clients/src/main/resources/json/cvss-v4.0.json delete mode 100644 open-vulnerability-clients/src/main/resources/securityAdvisories.mustache delete mode 100644 open-vulnerability-clients/src/main/resources/securityAdvisoryCwes.mustache delete mode 100644 open-vulnerability-clients/src/main/resources/securityAdvisoryVulnerabilities.mustache delete mode 100644 open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientTest.java delete mode 100644 open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/SerializationTest.java delete mode 100644 open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/kev/SerializationTest.java delete mode 100644 open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientIntegrationTest.java delete mode 100644 open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientTest.java delete mode 100644 open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeterTest.java delete mode 100644 open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/SerializationTest.java delete mode 100644 open-vulnerability-clients/src/test/resources/advisories.json delete mode 100644 open-vulnerability-clients/src/test/resources/known_exploited_vulnerabilities.json delete mode 100644 open-vulnerability-clients/src/test/resources/logback-test.xml delete mode 100644 open-vulnerability-clients/src/test/resources/nvd.json diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 4f3ea9ca..117a9f89 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -33,4 +33,3 @@ jobs: retention-days: 7 path: | vulnz/build/reports/tests - open-vulnerability-clients/build/reports/tests diff --git a/README.md b/README.md index 965f2b79..10a62c92 100644 --- a/README.md +++ b/README.md @@ -1,25 +1,161 @@ -# Open Vulnerability Project +# vulnz cli -The Open Vulnerability Project is a collection of Java libraries and a CLI to work -with various vulnerability data-sources (NVD, GitHub Security Advisories, CISA Known Exploited Vulnerablity Catalog, FIRST Exploit Prediction Scoring System (EPSS), etc.). +The cli is a spring-boot command line tool built with picocli. The example +below does run the setup - which creates both the `vulnz` symlink (in `/usr/local/bin`) +and a completion script. If using zsh, the completion will be added to +`/etc/bash_completion.d` or `/usr/local/etc/bash_completion.d` (depending +on if they exist); see [permanently installing completion](https://picocli.info/autocomplete.html#_installing_completion_scripts_permanently_in_bashzsh) +for more details. We may add a brew formula in the future. -- [open-vulnerability-clients](/open-vulnerability-clients) is a collection of clients to retrieve vulnerability data from various data-feeds and APIs. -- [vulnz](/vulnz) a simple CLI that can be used to access the vulnerability sources and persist the data using the open-vulnerability-store. +After running `install` you may need to restart your shell for the completion to work. -## Caching the NVD CVE API Data +```bash +./gradlew vulnz:build +cd vulnz/build/libs +./vulnz-7.2.2.jar install +vulnz cve --cveId CVE-2021-44228 --prettyPrint +``` -One of the primary uses of the vulnz CLI is to be able to create a local cache of -the NVD CVE Data from their API. See the [vulnz/README.md](/vulnz/README.md#caching-the-nvd-cve-data) -for instructions on how to create and maintain the local cache. +Example of using the CLI with an API key stored in [1password](https://1password.com/) using +the `op` CLI (see [getting started with op](https://developer.1password.com/docs/cli/get-started/)): -## Upgrading from vuln-tools +```bash +export NVD_API_KEY=op://vaultname/nvd-api/credential +eval $(op signin) +op run -- vulnz cve --threads 4 > cve-complete.json +``` -The project started off called vuln-tools and the various APIs were seperated into -standalone JAR files. The project has been renamed to the Open Vulnerability Project. +## Caching the NVD CVE Data -- All of the client libraries are now in the [open-vulnerability-clients](/open-vulnerability-clients). -- Packages have been renamed/moved: - - `io.github.jeremylong.ghsa.*` -> `io.github.jeremylong.openvulnerability.client.ghsa.*` - - `io.github.jeremylong.nvdlib.*` -> 'io.github.jeremylong.openvulnerability.client.nvd.*' - - `io.github.jeremylong.nvdlib.nvd` -> 'io.github.jeremylong.openvulnerability.client.nvd.*' -- The `NvdCveApi` class has been renamed to `NvdCveClient`. +The vulnz cli can create a cache of the NVD CVE data obtained from the API. The +data is stored in `json` files with the data saved in the traditional yearly groupings +starting with 2002 and going to the current year. In addition, a `cache.properties` is +created that contains the `lastModifiedDate` datetime as well as the prefix used for the +generated JSON files (by default `nvdcve-` is used). Additionally, a `modified` JSON file +is created that will hold the CVEs that have been modified in the last 7 days. After running +the below command you will end up with a directory with: + +- `cache.properties` +- `nvdcve-modified.json.gz` +- `nvdcve-modified.meta` +- `nvdcve-2002.json.gz` +- `nvdcve-2002.meta` +- `nvdcve-2003.json.gz` +- `nvdcve-2003.meta` +- ... +- `nvdcve-2024.json.gz` +- `nvdcve-2024.meta` + +### API Key is used and a 403 or 404 error occurs + +If an API Key is used and you receive a 404 error: + +``` +ERROR +io.github.jeremylong.openvulnerability.client.nvd.NvdApiException: NVD Returned Status Code: 404 +``` + +There is a good chance that the API Key is set incorrectly or is invalid. To check if the API Key works +the following `curl` command should return JSON: + +``` +curl -H "Accept: application/json" -H "apiKey: ########-####-####-####-############" -v https://services.nvd.nist.gov/rest/json/cves/2.0\?cpeName\=cpe:2.3:o:microsoft:windows_10:1607:\*:\*:\*:\*:\*:\*:\* +``` + +If no JSON is returned and you see a 404 error the API Key is invalid and you should request a new one. + +### Out-of-Memory Errors + +Create the local cache may result in an out-of-memory error. To resolve the +error simply increase the available memory for Java: + +```bash +export JAVA_OPTS="-Xmx2g" +``` + +Alternatively, run the CLI using the `-Xmx2g` argument: + +```bash +java -Xmx2g -jar ./vulnz-7.2.2.jar +``` + +An option to save memory would be: `-XX:+UseStringDeduplication`: +```bash +export JAVA_OPTS="-Xmx2g -XX:+UseStringDeduplication" +``` + +### Creating the Cache + +To create a local cache of the NVD CVE Data you can execute the following command +via a daily schedule to keep the cached data current: + +```bash +vulnz cve --cache --directory ./cache +``` + +Alternatively, without using the above install command: + +```bash +./vulnz-7.2.2.jar cve --cache --directory ./cache +``` + +When creating the cache all other arguments to the vulnz cli +will still work except the `--lastModEndDate` and `--lastModStartDate`. +As such, you can create `--prettyPrint` the cache or create a cache +of only "application" CVE using the `--virtualMatchString=cpe:2.3:a`. + +## Docker image + +### Configuration + +There are a couple of ENV vars + +- `NVD_API_KEY`: define your API key +- `DELAY`: override the delay - given in milliseconds. If you do not set an API KEY, the delay will be `10000` +- `MAX_RETRY_ARG` Using max retry attempts +- `MAX_RECORDS_PER_PAGE_ARG` Using max records per page +- `METRICS_ENABLE` If is set to `true`, OpenMetrics data for the vulnz cli can be retrieved via the endpoint http://.../metrics +- `METRICS_WRITE_INTERVAL` Sets the update interval for generating metrics, in milliseconds. Default: `5000` +- `METRICS_WRITE_FORMAT` Sets the output format for the metrics. Either openmetrics or Prometheus format. Default: `openmetrics` + +### Run + +```bash +# replace the NVD_API_KEY with your NVD api key +docker run --name vulnz -e NVD_API_KEY=myapikey jeremylong/open-vulnerability-data-mirror:v7.2.2 + +# if you like use a volume +docker run --name vulnz -e NVD_API_KEY=myapikey -v cache:/usr/local/apache2/htdocs jeremylong/open-vulnerability-data-mirror:v7.2.2 + +# adjust the memory usage +docker run --name vulnz -e JAVA_OPT=-Xmx2g jeremylong/open-vulnerability-data-mirror:v7.2.2 + +# you can also adjust the delay +docker run --name vulnz -e NVD_API_KEY=myapikey -e DELAY=3000 jeremylong/open-vulnerability-data-mirror:v7.2.2 + +``` + +If you like, run this to pre-populate the database right away + +```bash +docker exec -u mirror vulnz /mirror.sh +``` + +### Build + +Assuming the current version is `7.2.2` + +```bash +export TARGET_VERSION=7.2.2 +./gradlew vulnz:build -Pversion=$TARGET_VERSION +docker build vulnz/ -t ghcr.io/jeremylong/vulnz:$TARGET_VERSION --build-arg BUILD_VERSION=$TARGET_VERSION +``` + +### Release + +```bash +# checkout the repo +git tag -a 'v7.2.2'' -m 'release 7.2.2' +git push --tags +# this will build vulnz 7.2.2 on publish the docker image tagged 7.2.2 +``` diff --git a/open-vulnerability-clients/README.md b/open-vulnerability-clients/README.md deleted file mode 100644 index 3dd997c8..00000000 --- a/open-vulnerability-clients/README.md +++ /dev/null @@ -1,155 +0,0 @@ -# open-vulnerability-clients - -A collection of Java clients to access various vulnerability data-sources available -on the internet. Some of the data-sources require an API Key or Token to access the -API. - -## NVD Links - -- [Getting Started](https://nvd.nist.gov/developers/start-here) -- [Vulnerabilities API](https://nvd.nist.gov/developers/vulnerabilities) -- [Request an NVD API Key](https://nvd.nist.gov/developers/request-an-api-key) - -See API usage examples below. - -## GitHub Security Advisory Links - -- [GitHub Security Advisory Database](https://docs.github.com/en/enterprise-cloud@latest/code-security/security-advisories/global-security-advisories/browsing-security-advisories-in-the-github-advisory-database) -- [Explorer](https://docs.github.com/en/graphql/overview/explorer) - -See API usage examples below. - -## Exploit Prediction Scoring System (EPSS) Links - -- https://www.first.org/epss/ - -See API usage examples in the [open-vulnerability-store](https://github.com/jeremylong/Open-Vulnerability-Project/blob/b446bd01e0f4d9bd3c12a22226fd6755d2d6170e/open-vulnerability-store/src/main/java/io/github/jeremylong/openvulnerability/VulnerabilityService.java#L112) project. - -## CISA Known Exploited Vulnerabilities Catalog - -- https://www.cisa.gov/known-exploited-vulnerabilities-catalog - -See API usage examples in the [open-vulnerability-store](https://github.com/jeremylong/Open-Vulnerability-Project/blob/b446bd01e0f4d9bd3c12a22226fd6755d2d6170e/open-vulnerability-store/src/main/java/io/github/jeremylong/openvulnerability/VulnerabilityService.java#L143) project. - -## usage - -### maven - -```xml - - io.github.jeremylong - open-vulnerability-clients - 7.2.2 - -``` - -### gradle - -```groovy -implementation 'io.github.jeremylong:open-vulnerability-clients:7.2.2' -``` - -### api usage - -The APIs are intended to be fairly simple; an example implementation is given below to retrieve the entire GitHub Security Advisory data -set - including a mechanism to keep the data up to date. - -#### GitHub Security Advisory Example - -A Personal Access Token is required to access the GitHub Security Advisory GraphQL endpoint. - -```java -import io.github.jeremylong.openvulnerability.client.ghsa.GitHubSecurityAdvisoryClient; -import io.github.jeremylong.openvulnerability.client.ghsa.GitHubSecurityAdvisoryClientBuilder; -import io.github.jeremylong.openvulnerability.client.ghsa.SecurityAdvisory; - -import java.time.ZoneOffset; -import java.time.ZonedDateTime; -import java.util.List; - -public class Example { - - ZonedDateTime retrieveLastUpdated() { - // TODO implement a storage/retrieval mechanism for the last updated date. - return ZonedDateTime.now(ZoneOffset.UTC).minusDays(1); - } - - void storeLastUpdated(ZonedDateTime lastUpdated) { - // TODO implement a storage/retrieval mechanism for the last update time. - } - - @Test - void testNext() throws Exception { - String apiKey = System.getenv("GITHUB_TOKEN"); - - GitHubSecurityAdvisoryClientBuilder builder = GitHubSecurityAdvisoryClientBuilder - .aGitHubSecurityAdvisoryClient() - .withApiKey(apiKey); - - ZonedDateTime lastUpdated = retrieveLastUpdated(); - if (lastUpdated != null) { - builder.withUpdatedSinceFilter(lastUpdated); - } - try (GitHubSecurityAdvisoryClient client = builder.build()) { - if (client.hasNext()) { - List result = client.next(); - if (result != null && !result.isEmpty()) { - //TODO do something useful with the SecurityAdvisories - } - } - storeLastUpdated(client.getLastUpdated()); - } - } -} -``` - -#### NVD API Example - -An API Key for the NVD API is highly recommended - especially when downloading the full Vulnerability Catalog from the -NVD. Without an API key downloading takes 10+ minutes; whereas with an API key (and using 4 threads) the entire NVD -Vulnerability Catalog can be downloaded in ~90 seconds. - -```java -import io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient; -import io.github.jeremylong.openvulnerability.client.nvd.NvdCveClientBuilder; -import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem; - -import java.time.ZonedDateTime; -import java.util.Collection; - -public class Example { - - ZonedDateTime retrieveLastUpdated() { - // TODO implement a storage/retrieval mechanism. - return null; - } - - void storeLasUpdated(ZonedDateTime lastUpdated) { - // TODO implement a storage/retrieval mechanism. - } - - public void update() { - ZonedDateTime lastModifiedRequest = retrieveLastUpdated(); - NvdCveClientBuilder builder = NvdCveClientBuilder.aNvdCveApi(); - if (lastModifiedRequest != null) { - ZonedDateTime end = lastModifiedRequest.minusDays(-120); - builder.withLastModifiedFilter(lastModifiedRequest, end); - } - //TODO add API key with builder's `withApiKey()` - //TODO if an API Key is used consider adding `withThreadCount(4)` - //TODO add any additional filters via the builder's `withFilter()` - try (NvdCveClient api = builder.build()) { - while (api.hasNext()) { - Collection items = api.next(); - if (items != null && !items.isEmpty()) { - //TODO do something with the items - } - } - lastModifiedRequest = api.getLastModifiedRequest(); - } catch (Exception e) { - e.printStackTrace(); - } - storeLasUpdated(lastModifiedRequest); - } -} -``` diff --git a/open-vulnerability-clients/build.gradle b/open-vulnerability-clients/build.gradle deleted file mode 100644 index e963efc0..00000000 --- a/open-vulnerability-clients/build.gradle +++ /dev/null @@ -1,55 +0,0 @@ -plugins { - id 'vuln.tools.java-library-conventions' -} - -description = 'Clients for vulnerability sources' - -task addVesionResource (type: Copy) { - from ('../') - include 'gradle.properties' - destinationDir file('build/resources/main') - rename 'gradle.properties', "version.properties" -} -compileJava.dependsOn(addVesionResource) - -dependencies { - implementation 'org.apache.httpcomponents.client5:httpclient5:5.4.2' - implementation platform('com.fasterxml.jackson:jackson-bom:2.18.2') - implementation 'com.fasterxml.jackson.core:jackson-databind' - implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310' - implementation 'com.samskivert:jmustache:1.16' - testImplementation 'org.slf4j:slf4j-simple:2.0.16' -} - -publishing { - publications { - maven(MavenPublication) { - groupId project.group - artifactId project.name - version project.version - from components.java - pom { - url = 'https://github.com/jeremylong/vuln-tools/' - description = project.description - name = project.name - licenses { - license { - name = 'The Apache License, Version 2.0' - url = 'https://github.com/jeremylong/vuln-tools/blob/main/LICENSE.txt' - } - } - developers { - developer { - id = 'jeremy.long' - name = 'Jeremy Long' - } - } - scm { - url = 'https://github.com/jeremylong/vuln-tools' - connection = 'scm:git:https://github.com/jeremylong/vuln-tools.git' - developerConnection = 'scm:git:https://github.com/jeremylong/vuln-tools.git' - } - } - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/DataFeed.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/DataFeed.java deleted file mode 100644 index 327dfd16..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/DataFeed.java +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client; - -public interface DataFeed { - T download(); -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpAsyncClientSupplier.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpAsyncClientSupplier.java deleted file mode 100644 index 1a6aa1ad..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpAsyncClientSupplier.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client; - -import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient; -import org.apache.hc.client5.http.impl.async.HttpAsyncClients; -import org.apache.hc.client5.http.impl.routing.SystemDefaultRoutePlanner; - -import java.net.ProxySelector; -import java.util.function.Supplier; - -/** - * Supplier for {@link CloseableHttpAsyncClient}s. - *

- * May be used to provide customized HTTP clients to data source clients. - *

- * Closing of the supplied {@link CloseableHttpAsyncClient} instances is a responsibility of the caller. - */ -@FunctionalInterface -public interface HttpAsyncClientSupplier extends Supplier { - - static HttpAsyncClientSupplier getDefault() { - return () -> { - SystemDefaultRoutePlanner planner = new SystemDefaultRoutePlanner(ProxySelector.getDefault()); - return HttpAsyncClients.custom().setRoutePlanner(planner).useSystemProperties().build(); - }; - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpClientSupplier.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpClientSupplier.java deleted file mode 100644 index 14e5db32..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/HttpClientSupplier.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client; - -import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; -import org.apache.hc.client5.http.impl.classic.HttpClientBuilder; -import org.apache.hc.client5.http.impl.routing.SystemDefaultRoutePlanner; - -import java.net.ProxySelector; -import java.util.function.Supplier; - -/** - * Supplier for {@link CloseableHttpClient}s. - *

- * May be used to provide customized HTTP clients to data source clients. - *

- * Closing of the supplied {@link CloseableHttpClient} instances is a responsibility of the caller. - */ -@FunctionalInterface -public interface HttpClientSupplier extends Supplier { - - static HttpClientSupplier getDefault() { - return () -> { - SystemDefaultRoutePlanner planner = new SystemDefaultRoutePlanner(ProxySelector.getDefault()); - return HttpClientBuilder.create().setRoutePlanner(planner).useSystemProperties().build(); - }; - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/PagedDataSource.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/PagedDataSource.java deleted file mode 100644 index f87957c9..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/PagedDataSource.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client; - -import java.time.ZonedDateTime; -import java.util.Collection; -import java.util.Iterator; - -public interface PagedDataSource extends AutoCloseable, Iterator> { - - /** - * Cleanup allocated resources. - * - * @throws Exception thrown if there is a problem. - */ - @Override - void close() throws Exception; - - /** - * Only available after the first call to `next()`; returns the total number of records that will be available. - * - * @return the total number of records that will be returned - */ - int getTotalAvailable(); - - /** - * Returns the last HTTP Status Code received. - * - * @return the last HTTP Status Code received. - */ - int getLastStatusCode(); - - /** - * Returns true if there are more records available; otherwise false. - * - * @return true if there are more records available; otherwise false. - */ - @Override - boolean hasNext(); - - /** - * Returns the next collection of vulnerability data. - * - * @return a collection of vulnerability data. - */ - @Override - Collection next(); - - /** - * Returns the latest updated date. - * - * @return the latest updated date - */ - ZonedDateTime getLastUpdated(); - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/RecordDataSource.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/RecordDataSource.java deleted file mode 100644 index b6e5b58c..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/RecordDataSource.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client; - -import java.time.ZonedDateTime; -import java.util.Collection; -import java.util.Iterator; - -/** - * A simple wrapper around a PagedDataSource that iterates over single objects rather than a page at a time. - * - * @param the data type - */ -public class RecordDataSource implements AutoCloseable, Iterator { - - private final PagedDataSource source; - private Iterator current; - - public RecordDataSource(PagedDataSource source) { - this.source = source; - } - - @Override - public void close() throws Exception { - source.close(); - } - - /** - * Returns the latest updated date. - * - * @return the latest updated date - */ - public ZonedDateTime getLastUpdated() { - return source.getLastUpdated(); - } - - /** - * Returns the last HTTP Status Code received. - * - * @return the last HTTP Status Code received. - */ - public int getLastStatusCode() { - return source.getLastStatusCode(); - } - - @Override - public boolean hasNext() { - return source.hasNext() || current != null && current.hasNext(); - } - - @Override - public T next() { - if (current == null || !current.hasNext()) { - if (source.hasNext()) { - Collection collection = source.next(); - if (collection != null) { - current = collection.iterator(); - } - } - } - if (current.hasNext()) { - return current.next(); - } - return null; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssDataFeed.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssDataFeed.java deleted file mode 100644 index 947f7397..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssDataFeed.java +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.epss; - -import io.github.jeremylong.openvulnerability.client.DataFeed; -import io.github.jeremylong.openvulnerability.client.HttpClientSupplier; -import org.apache.hc.client5.http.classic.methods.HttpGet; -import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; - -import java.io.IOException; -import java.util.List; - -/** - * Data Feed for the Exploit Prediction Scoring System (EPSS) scores from the Forum of Incident Response and Security - * Teams (FIRST) - * - * @see https://www.first.org/epss/data_stats - */ -public class EpssDataFeed implements DataFeed> { - private final static String DEFAULT_LOCATION = "https://epss.cyentia.com/epss_scores-current.csv.gz"; - - private final HttpClientSupplier httpClientSupplier; - private final String downloadUrl; - - public EpssDataFeed() { - this(DEFAULT_LOCATION); - } - - public EpssDataFeed(String downloadUrl) { - this(downloadUrl, null); - } - - public EpssDataFeed(String downloadUrl, HttpClientSupplier httpClientSupplier) { - this.downloadUrl = downloadUrl; - this.httpClientSupplier = httpClientSupplier != null ? httpClientSupplier : HttpClientSupplier.getDefault(); - } - - @Override - public List download() { - List list = null; - HttpGet request = new HttpGet(downloadUrl); - try (CloseableHttpClient client = httpClientSupplier.get()) { - list = client.execute(request, new EpssResponseHandler()); - } catch (IOException e) { - e.printStackTrace(); - } - return list; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssException.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssException.java deleted file mode 100644 index 9456ee7e..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssException.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.epss; - -/** - * Exception thrown if there is a problem with the EPSS Data Feed. - * - * @author Jeremy Long - */ -public class EpssException extends RuntimeException { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 6042021783700299275L; - - /** - * Generate a new exception. - * - * @param message the message - */ - public EpssException(String message) { - super(message); - } - - /** - * Generate a new exception. - * - * @param message the message - * @param cause the cause - */ - public EpssException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Generate a new exception. - * - * @param cause the cause - */ - public EpssException(Throwable cause) { - super(cause); - } -} - -/* - * - * { securityAdvisory(nodeId: "MDU6U2VjdXJpdHlBZHZpc29yeTEyMzQ1Ng==") { id publishedAt updatedAt withdrawnAt severity - * severityReason reference permalink description origin vulnerableSoftware { package version } unsupportedPackages { - * name } identifiers { type value } advisories { nodes { id databaseId } } nonAffectingPackages { package } - * firstPatchedVersion { identifier } } } - * - */ \ No newline at end of file diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssItem.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssItem.java deleted file mode 100644 index bc32bb34..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssItem.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.epss; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; - -/** - * Exploit Prediction Scoring System (EPSS) score. - * - * @see https://www.first.org/epss/ - */ -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"cve", "epss", "percentile"}) -public class EpssItem implements Serializable { - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 5043194930534860395L; - @JsonProperty("cve") - String cve; - @JsonProperty("epss") - Double epss; - @JsonProperty("percentile") - Double percentile; - - public EpssItem(String cve, Double epss, Double percentile) { - this.cve = cve; - this.epss = epss; - this.percentile = percentile; - } - - public String getCve() { - return cve; - } - - public Double getEpss() { - return epss; - } - - public Double getPercentile() { - return percentile; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssResponseHandler.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssResponseHandler.java deleted file mode 100644 index 246aa517..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/epss/EpssResponseHandler.java +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.epss; - -import org.apache.hc.client5.http.impl.classic.AbstractHttpClientResponseHandler; -import org.apache.hc.core5.http.ClassicHttpResponse; -import org.apache.hc.core5.http.HttpEntity; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.Reader; -import java.nio.charset.StandardCharsets; -import java.util.ArrayList; -import java.util.List; -import java.util.zip.GZIPInputStream; - -public class EpssResponseHandler extends AbstractHttpClientResponseHandler> { - public EpssResponseHandler() { - super(); - } - - @Override - public List handleResponse(ClassicHttpResponse response) throws IOException { - return super.handleResponse(response); - } - - @Override - public List handleEntity(HttpEntity entity) throws IOException { - List list = new ArrayList<>(); - try (InputStream is = entity.getContent(); - GZIPInputStream gis = new GZIPInputStream(is); - Reader reader = new InputStreamReader(gis, StandardCharsets.UTF_8); - BufferedReader br = new BufferedReader(reader)) { - String line; - int idx = 0; - while ((line = br.readLine()) != null) { - idx += 1; - // two lines of headers - if (idx <= 2) { - continue; - } - try { - String[] data = line.split(","); - EpssItem score = new EpssItem(data[0], Double.parseDouble(data[1]), Double.parseDouble((data[2]))); - list.add(score); - } catch (NumberFormatException | ArrayIndexOutOfBoundsException ex) { - throw new EpssException("Unable to parse EPSS CSV", ex); - } - } - return list; - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/AbstractPageable.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/AbstractPageable.java deleted file mode 100644 index f760d330..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/AbstractPageable.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; - -@JsonIgnoreProperties(ignoreUnknown = true) -public class AbstractPageable implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 7420520124100919177L; - @JsonProperty(value = "totalCount", access = JsonProperty.Access.WRITE_ONLY) - private int totalCount; - - @JsonProperty(value = "pageInfo", access = JsonProperty.Access.WRITE_ONLY) - private PageInfo pageInfo; - - @JsonIgnore - int getTotalCount() { - return totalCount; - } - - @JsonIgnore() - PageInfo getPageInfo() { - return pageInfo; - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSS.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSS.java deleted file mode 100644 index ad70e882..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSS.java +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonInclude.Include; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; -import java.util.Objects; - -/** - * The Common Vulnerability Scoring System. - * - * 

- * type CVSS
- *
- */ -@JsonInclude(Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -public class CVSS implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 7546185855105761759L; - @JsonProperty("score") - Double score; - - @JsonProperty("vectorString") - String vectorString; - - /** - * The CVSS score associated with this advisory. - * - * @return the CVSS score. - */ - public Double getScore() { - return score; - } - - /** - * The CVSS vector string associated with this advisory. - * - * @return the CVSS vector. - */ - public java.lang.String getVectorString() { - return vectorString; - } - - @Override - public String toString() { - return "CVSS{" + "score=" + score + ", vectorString='" + vectorString + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CVSS cvss = (CVSS) o; - return Objects.equals(score, cvss.score) && Objects.equals(vectorString, cvss.vectorString); - } - - @Override - public int hashCode() { - return Objects.hash(score, vectorString); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSSSeverities.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSSSeverities.java deleted file mode 100644 index fb9e8e9b..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CVSSSeverities.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.util.Objects; - -/** - * The Common Vulnerability Scoring System - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"cvssV3", "cvssV4"}) -public class CVSSSeverities implements Serializable { - - private static final long serialVersionUID = -6425427956203326377L; - - @JsonProperty("cvssV3") - private CVSS cvssV3; - - @JsonProperty("cvssV4") - private CVSS cvssV4; - - public CVSS getCvssV3() { - return cvssV3; - } - - public CVSS getCvssV4() { - return cvssV4; - } - - @Override - public String toString() { - return "CVSSSeverities{" + "cvssV3=" + cvssV3 + ", cvssV4=" + cvssV4 + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CVSSSeverities cvss = (CVSSSeverities) o; - return cvssV3.equals(cvss.cvssV3) && cvssV4.equals(cvss.cvssV4); - } - - @Override - public int hashCode() { - return Objects.hash(cvssV3, cvssV4); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWE.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWE.java deleted file mode 100644 index 99e4aec4..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWE.java +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.util.Objects; - -/** - * Common weakness enumeration. - */ -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"cweId", "name", "description"}) -public class CWE implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -5061078131276736530L; - @JsonProperty(value = "node", access = JsonProperty.Access.WRITE_ONLY) - private CWERecord node; - - /** - * Returns the id of the CWE. - * - * @return the id of the CWE - */ - public String getCweId() { - if (node == null) { - return null; - } - return node.cweId; - } - - void setCweId(String cweId) { - if (node == null) { - this.node = new CWERecord(); - } - node.cweId = cweId; - } - - /** - * Returns a detailed description of this CWE. - * - * @return a detailed description of this CWE. - */ - public String getDescription() { - if (node == null) { - return null; - } - return node.description; - } - - void setDescription(String description) { - if (node == null) { - node = new CWERecord(); - } - node.description = description; - } - - /** - * The name of this CWE. - * - * @return the name of this CWE. - */ - public String getName() { - if (node == null) { - return null; - } - return node.name; - } - - void setName(String name) { - if (node == null) { - node = new CWERecord(); - } - node.name = name; - } - - @Override - public String toString() { - if (node == null) { - return ""; - } - return node.toString(); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CWE cwe = (CWE) o; - return Objects.equals(node, cwe.node); - } - - @Override - public int hashCode() { - return Objects.hash(node); - } - - /** - * A common weakness enumeration. - * - * 
-     * type CWE
-     *
- */ - @JsonIgnoreProperties(ignoreUnknown = true) - static class CWERecord implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 8882754946152269822L; - @JsonProperty("cweId") - private String cweId; - - @JsonProperty("description") - private String description; - - @JsonProperty("name") - private String name; - - @Override - public String toString() { - return "CWE{" + "cweId='" + cweId + '\'' + ", description='" + description + '\'' + ", name='" + name + '\'' - + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CWERecord cweRecord = (CWERecord) o; - return Objects.equals(cweId, cweRecord.cweId) && Objects.equals(description, cweRecord.description) - && Objects.equals(name, cweRecord.name); - } - - @Override - public int hashCode() { - return Objects.hash(cweId, description, name); - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWEs.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWEs.java deleted file mode 100644 index 27c7b457..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/CWEs.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import com.fasterxml.jackson.annotation.JsonProperty; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.List; -import java.util.Objects; - -public class CWEs extends AbstractPageable implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 1810814451811673122L; - @JsonProperty("edges") - private List cwes; - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - @JsonIgnore - public List getEdges() { - return cwes; - } - - @Override - public String toString() { - return "CWEs{" + "cwes=" + cwes + ", totalCount=" + getTotalCount() + "}"; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CWEs cwePage = (CWEs) o; - return Objects.equals(cwes, cwePage.cwes); - } - - @Override - public int hashCode() { - return Objects.hash(cwes); - } - - boolean addAllCwes(List c) { - return this.cwes.addAll(c); - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClient.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClient.java deleted file mode 100644 index 8a901ffd..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClient.java +++ /dev/null @@ -1,495 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import com.samskivert.mustache.Mustache; -import com.samskivert.mustache.Template; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; -import io.github.jeremylong.openvulnerability.client.HttpAsyncClientSupplier; -import io.github.jeremylong.openvulnerability.client.PagedDataSource; -import org.apache.hc.client5.http.async.methods.SimpleHttpRequest; -import org.apache.hc.client5.http.async.methods.SimpleHttpResponse; -import org.apache.hc.client5.http.async.methods.SimpleRequestBuilder; -import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient; -import org.apache.hc.core5.http.ContentType; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.nio.charset.StandardCharsets; -import java.time.ZonedDateTime; -import java.time.format.DateTimeFormatter; -import java.util.Collection; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; -import java.util.concurrent.ExecutionException; -import java.util.concurrent.Future; -import java.util.stream.Collectors; - -public class GitHubSecurityAdvisoryClient implements PagedDataSource { - - public static final String GITHUB_GRAPHQL_ENDPOINT = "https://api.github.com/graphql"; - /** - * Reference to the logger. - */ - private static final Logger LOG = LoggerFactory.getLogger(GitHubSecurityAdvisoryClient.class); - /** - * The mustache template to retrieve advisories. - */ - private final static String ADVISORIES_TEMPLATE = "securityAdvisories.mustache"; - /** - * The mustache template to retrieve advisory vulnerabilities. - */ - private final static String VULNERABILITIES_TEMPLATE = "securityAdvisoryVulnerabilities.mustache"; - /** - * The mustache template to retrieve advisory CWEs. - */ - private final static String CWES_TEMPLATE = "securityAdvisoryCwes.mustache"; - /** - * HTTP Client to access the API. - */ - private final CloseableHttpAsyncClient httpClient; - /** - * Jackson JSON object mapper. - */ - private final ObjectMapper objectMapper; - /** - * Template for security advisories. - */ - private final Template advistoriesTemplate; - /** - * Template for security advisory's vulnerabilities - in case we have more than 100. - */ - private final Template vulnerabilitiesTemplate; - /** - * Template for security advisory's CWEs - in case we have more than 50. - */ - private final Template cwesTemplate; - /** - * Has the first HTTP call been made? - */ - private boolean firstCall = true; - /** - * The last HTTP status code received. - */ - private int lastStatusCode = 200; - /** - * The total count of advisories retrieved. - */ - private int totalCount = 0; - /** - * The number of available entries; only available after the first call to `next()`. - */ - private int totalAvailable = -1; - /** - * Asynchronous future HTTP Response. - */ - private Future futureResponse; - - /** - * The GitHub GraphQL endpoint. - */ - private final String endpoint; - /** - * The GitHub Access Token. - */ - private final String githubToken; - /** - * The user agent to append to the default open-vulnerability-client's user-agent string - */ - private final String userAgent; - /** - * The classification of the advisory ("GENERAL", "MALWARE") - */ - private String classifications; - /** - * The updatedSince filter. - */ - private String updatedSinceFilter; - /** - * The publishedSince filter. - */ - private String publishedSinceFilter; - - /** - * The last updated date time value retrieved. - */ - private ZonedDateTime lastUpdated; - /** - * The version of the client. - */ - private String version = "unknown"; - - /** - * Constructs a new client. - * - * @param githubToken the GitHub API Token. - */ - public GitHubSecurityAdvisoryClient(String githubToken) { - this(githubToken, null); - } - - /** - * Constructs a new client. - * - * @param endpoint the GraphQL endpoint of GitHub or GHE. - * @param githubToken the GitHub API Token. - */ - @SuppressFBWarnings("CT_CONSTRUCTOR_THROW") - public GitHubSecurityAdvisoryClient(String githubToken, String endpoint) { - this(githubToken, endpoint, null); - } - - /** - * Constructs a new client. - * - * @param githubToken the GitHub API Token. - * @param endpoint the GraphQL endpoint of GitHub or GHE. - * @param httpClientSupplier supplier for custom HTTP clients; if {@code null} a default client will be used - */ - @SuppressFBWarnings("CT_CONSTRUCTOR_THROW") - public GitHubSecurityAdvisoryClient(String githubToken, String endpoint, - HttpAsyncClientSupplier httpClientSupplier) { - this(githubToken, endpoint, httpClientSupplier, null); - } - - /** - * Constructs a new client. - * - * @param githubToken the GitHub API Token. - * @param endpoint the GraphQL endpoint of GitHub or GHE. - * @param httpClientSupplier supplier for custom HTTP clients; if {@code null} a default client will be used - * @param userAgent the user agent to append to the default open-vulnerability-client's user-agent string - */ - @SuppressFBWarnings("CT_CONSTRUCTOR_THROW") - public GitHubSecurityAdvisoryClient(String githubToken, String endpoint, HttpAsyncClientSupplier httpClientSupplier, - String userAgent) { - this.githubToken = githubToken; - this.userAgent = userAgent; - this.endpoint = endpoint != null ? endpoint : GITHUB_GRAPHQL_ENDPOINT; - advistoriesTemplate = loadMustacheTemplate(ADVISORIES_TEMPLATE); - vulnerabilitiesTemplate = loadMustacheTemplate(VULNERABILITIES_TEMPLATE); - cwesTemplate = loadMustacheTemplate(CWES_TEMPLATE); - - if (httpClientSupplier == null) { - httpClient = HttpAsyncClientSupplier.getDefault().get(); - } else { - httpClient = httpClientSupplier.get(); - } - httpClient.start(); - objectMapper = new ObjectMapper(); - objectMapper.registerModule(new JavaTimeModule()); - try { - Properties props = new Properties(); - props.load(getClass().getClassLoader().getResourceAsStream("version.properties")); - version = props.getProperty("version"); - } catch (IOException e) { - LOG.debug("Error loading version.properties", e); - } - } - - /** - * Loads a mustache template from the project's resources by name. - * - * @param resourceName the name of the template. - * @return the mustache template. - */ - private Template loadMustacheTemplate(String resourceName) { - String template; - try (InputStream is = getClass().getClassLoader().getResourceAsStream(resourceName); - InputStreamReader isr = new InputStreamReader(is, StandardCharsets.UTF_8); - BufferedReader reader = new BufferedReader(isr)) { - template = reader.lines().collect(Collectors.joining(System.lineSeparator())); - - } catch (IOException e) { - throw new GitHubSecurityAdvisoryException(e); - } - return Mustache.compiler().escapeHTML(false).compile(template); - } - - /** - * The classification of the advisory ("GENERAL", "MALWARE") - * - * @param classifications the classification of the advisory. - */ - public void setClassifications(String classifications) { - this.classifications = classifications; - } - - /** - * Filter the Security Advisories by those updated since the give date time. - * - * @param utcUpdatedSinceFilter the date to filter on. - */ - public void setUpdatedSinceFilter(ZonedDateTime utcUpdatedSinceFilter) { - DateTimeFormatter dtf = DateTimeFormatter.ofPattern("uuuu-MM-dd'T'HH:mm:ssX"); - this.updatedSinceFilter = utcUpdatedSinceFilter.format(dtf); - } - - /** - * Filter the Security Advisories by those published since the give date time. - * - * @param utcPublishedSinceFilter the date to filter on. - */ - public void setPublishedSinceFilter(ZonedDateTime utcPublishedSinceFilter) { - DateTimeFormatter dtf = DateTimeFormatter.ofPattern("uuuu-MM-dd'T'HH:mm:ssX"); - this.publishedSinceFilter = utcPublishedSinceFilter.format(dtf); - } - - /** - * Internal API to query the endpoint. - * - * @param json the GraphQL query body (i.e. minus the query:). - * @return the Asynchronous HTTP Response. - */ - private Future query(String json) { - ObjectNode jsonObj = objectMapper.createObjectNode(); - jsonObj.put("query", json); - String query; - try { - query = objectMapper.writeValueAsString(jsonObj); - } catch (JsonProcessingException e) { - throw new GitHubSecurityAdvisoryException("Unable to convert template to query", e); - } - SimpleRequestBuilder builder = SimpleRequestBuilder.post(endpoint); - builder.addHeader("Authorization", "bearer " + githubToken); - String ua = "open-vulnerability-client/" + version; - if (userAgent != null) { - ua += "; " + userAgent; - } - builder.addHeader("User-Agent", ua); - builder.setBody(query, ContentType.APPLICATION_JSON); - final SimpleHttpRequest request = builder.build(); - return httpClient.execute(request, new SimpleFutureResponse()); - } - - /** - * Cleanup allocated resources. - * - * @throws Exception thrown if there is a problem. - */ - @Override - public void close() throws Exception { - httpClient.close(); - } - - /** - * The number of available entries; only available after the first call to `next()`. - * - * @return the number of available entries - */ - @Override - public int getTotalAvailable() { - return totalAvailable; - } - - /** - * Returns the last HTTP Status Code received. - * - * @return the last HTTP Status Code received. - */ - public int getLastStatusCode() { - return lastStatusCode; - } - - /** - * Returns true if there are more records available; otherwise false. - * - * @return true if there are more records available; otherwise false. - */ - @Override - public boolean hasNext() { - if (lastStatusCode != 200) { - return false; - } - return firstCall || futureResponse != null; - } - - /** - * Returns the next list of security advisories. Note that even if `hasNext()` returns true it is possible that - * `next()` will return null. This will generally only occur on the very first call. - * - * @return a list of security advisories. - */ - @Override - public Collection next() { - try { - Map data = buildGraphQLData(); - if (firstCall) { - firstCall = false; - futureResponse = query(advistoriesTemplate.execute(data)); - } - SimpleHttpResponse response; - response = futureResponse.get(); - if (response.getCode() == 200) { - String body = response.getBodyText(); - if (body == null) { - body = new String(response.getBodyBytes(), StandardCharsets.UTF_8); - } - SecurityAdvisories results = objectMapper.readValue(body, SecurityAdvisories.class); - List list = results.getSecurityAdvisories(); - totalCount += list.size(); - totalAvailable = results.getTotalCount(); - if (results.getPageInfo().isHasNextPage() || totalCount < totalAvailable) { - data.put("after", results.getPageInfo().getEndCursor()); - futureResponse = query(advistoriesTemplate.execute(data)); - } else { - futureResponse = null; - } - - ensureSubPages(list); - - lastUpdated = findLastUpdated(lastUpdated, list); - - return list; - } else { - lastStatusCode = response.getCode(); - String error = new String(response.getBodyBytes(), StandardCharsets.UTF_8); - LOG.error(error); - throw new GitHubSecurityAdvisoryException("GitHub GraphQL Returned Status Code: " + lastStatusCode); - } - } catch (InterruptedException e) { - Thread.interrupted(); - LOG.debug("Interrupted", e); - throw new GitHubSecurityAdvisoryException(e); - } catch (ExecutionException | JsonProcessingException e) { - LOG.debug(e.getMessage(), e); - throw new GitHubSecurityAdvisoryException(e); - } - } - - private Map buildGraphQLData() { - Map data = new HashMap<>(); - if (classifications != null) { - data.put("classifications", classifications); - } - if (updatedSinceFilter != null) { - data.put("updatedSince", updatedSinceFilter); - } - if (publishedSinceFilter != null) { - data.put("publishedSince", publishedSinceFilter); - } - return data; - } - - /** - * Returns the latest updated date. - * - * @return the latest updated date - */ - public ZonedDateTime getLastUpdated() { - return lastUpdated; - } - - /** - * Retrieve the latest last updated date from the list of security advisories. - * - * @param lastUpdatedDate the last updated date. - * @param list the list of security advisories. - * @return the latest last updated date. - */ - private ZonedDateTime findLastUpdated(ZonedDateTime lastUpdatedDate, List list) { - ZonedDateTime current = lastUpdatedDate; - for (SecurityAdvisory adv : list) { - if (current == null || current.compareTo(adv.getUpdatedAt()) < 0) { - current = adv.getUpdatedAt(); - } - } - return current; - } - - /** - * Ensure that the CWE and Vulnerability lists have been completely fetched and requests any missing entries. - * - * @param list the list of security advisories to validate and if necessary add CWE or vulnerability data. - * @throws ExecutionException thrown if there is a problem. - * @throws InterruptedException thrown if interrupted. - */ - private void ensureSubPages(List list) throws ExecutionException, InterruptedException { - for (SecurityAdvisory sa : list) { - if (sa.getCwes().getPageInfo().isHasNextPage() || sa.getCwes().getTotalCount() > 50) { - LOG.debug("Retrieving additional CWEs for " + sa.getGhsaId()); - int count = 50; - int max = sa.getCwes().getTotalCount(); - String after = sa.getCwes().getPageInfo().getEndCursor(); - while (count < max) { - SecurityAdvisoryResponse results = fetch(cwesTemplate, sa.getGhsaId(), after); - CWEs cwes = results.getSecurityAdvisory().getCwes(); - count += cwes.getEdges().size(); - max = cwes.getTotalCount(); - after = cwes.getPageInfo().getEndCursor(); - sa.getCwes().addAllCwes(cwes.getEdges()); - } - } - if (sa.getVulnerabilities().getPageInfo().isHasNextPage() - || sa.getVulnerabilities().getTotalCount() > 100) { - LOG.debug("Retrieving additional Vulnerabilities for " + sa.getGhsaId()); - int count = 100; - int max = sa.getVulnerabilities().getTotalCount(); - String after = sa.getVulnerabilities().getPageInfo().getEndCursor(); - while (count < max) { - SecurityAdvisoryResponse results = fetch(vulnerabilitiesTemplate, sa.getGhsaId(), after); - Vulnerabilities vulnerability = results.getSecurityAdvisory().getVulnerabilities(); - count += vulnerability.getEdges().size(); - max = vulnerability.getTotalCount(); - after = vulnerability.getPageInfo().getEndCursor(); - sa.getVulnerabilities().addAllVulnerabilities(vulnerability.getEdges()); - } - } - } - } - - /** - * Fetches additional data from the GraphQL API. - * - * @param template the template to use for the request. - * @param ghsaId the advisory id used to filter the request. - * @param after the end cursor from the previous request. - * @return the requested data. - * @throws ExecutionException thrown if there is a problem. - * @throws InterruptedException thrown if interrupted. - */ - private SecurityAdvisoryResponse fetch(Template template, String ghsaId, String after) - throws InterruptedException, ExecutionException { - SecurityAdvisoryResponse results; - try { - Map data = new HashMap<>(); - data.put("ghsaId", ghsaId); - data.put("after", after); - Future future = query(template.execute(data)); - SimpleHttpResponse response = future.get(); - String body = response.getBodyText(); - if (body == null) { - body = new String(response.getBodyBytes(), StandardCharsets.UTF_8); - } - results = objectMapper.readValue(body, SecurityAdvisoryResponse.class); - } catch (JsonProcessingException e) { - LOG.debug("Deserialization Error", e); - throw new GitHubSecurityAdvisoryException(e); - } - return results; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientBuilder.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientBuilder.java deleted file mode 100644 index dd874b68..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientBuilder.java +++ /dev/null @@ -1,182 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import io.github.jeremylong.openvulnerability.client.HttpAsyncClientSupplier; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.time.ZonedDateTime; - -/** - * Used to build an GitHub SecurityAdvisory GraphQL API client. As the GitHubSecurityAdvisoryClient client is - * autocloseable the builder should be used in a try with resources: - * - * 
- * try (GitHubSecurityAdvisoryClient api = GitHubSecurityAdvisoryClientBuilder.aGitHubSecurityAdvisoryClient()
- *         .withApiKey(githubToken).build()) {
- *     while (api.hasNext()) {
- *         Collection<SecurityAdvisory> items = api.next();
- *     }
- * }
- *
- */ -public final class GitHubSecurityAdvisoryClientBuilder { - - /** - * Reference to the logger. - */ - private static final Logger LOG = LoggerFactory.getLogger(GitHubSecurityAdvisoryClientBuilder.class); - /** - * The GitHub SecurityAdvisory GraphQL API key. - */ - private String apiKey; - /** - * The endpoint for the GitHub GraphQL API. - */ - private String endpoint; - - /** - * The classification of the advisory ("GENERAL", "MALWARE") - */ - private String classifications; - /** - * The updatedSince filter. - */ - private ZonedDateTime updatedSince; - /** - * The publishedSince filter. - */ - private ZonedDateTime publishedSince; - private HttpAsyncClientSupplier httpClientSupplier; - /** - * The user agent to append to the default open-vulnerability-client's user-agent string - */ - private String userAgent; - - /** - * Private constructor for a builder. - */ - private GitHubSecurityAdvisoryClientBuilder() { - } - - /** - * Begin building the GitHub GraphQL for SecurityAdvisories Object. - * - * @return the builder - */ - public static GitHubSecurityAdvisoryClientBuilder aGitHubSecurityAdvisoryClient() { - return new GitHubSecurityAdvisoryClientBuilder(); - } - - /** - * Use an GitHub SecurityAdvisory GraphQL API key. - * - * @param apiKey the GitHub API key. - * @return the builder - */ - public GitHubSecurityAdvisoryClientBuilder withApiKey(String apiKey) { - this.apiKey = apiKey; - return this; - } - - /** - * Use an additional identifier as part of the User-Agent when making requests. - * - * @param userAgent the user agent string to append - * @return the builder - */ - public GitHubSecurityAdvisoryClientBuilder withAdditionalUserAgent(String userAgent) { - this.userAgent = userAgent; - return this; - } - - /** - * Use an alternative endpoint for the GitHub SecurityAdvisory GraphQL API. - * - * @param endpoint the endpoint for the GitHub SecurityAdvisory GraphQL API - * @return the builder - */ - public GitHubSecurityAdvisoryClientBuilder withEndpoint(String endpoint) { - this.endpoint = endpoint; - return this; - } - - /** - * The classification of the advisory ("GENERAL", "MALWARE") - * - * @param classifications the classification of the advisory - * @return the builder - */ - public GitHubSecurityAdvisoryClientBuilder withClassifications(String classifications) { - this.classifications = classifications; - return this; - } - - /** - * Filter for Security Advisories that have been updated since a specific date/time. - * - * @param utcUpdatedSince the UTC date time - * @return the builder - */ - public GitHubSecurityAdvisoryClientBuilder withUpdatedSinceFilter(ZonedDateTime utcUpdatedSince) { - updatedSince = utcUpdatedSince; - return this; - } - - /** - * Filter the results with a range of published since date/time. - * - * @param utcStartDate the UTC date time for the range start - * @return the builder - */ - public GitHubSecurityAdvisoryClientBuilder withPublishedSinceFilter(ZonedDateTime utcStartDate) { - publishedSince = utcStartDate; - return this; - } - - /** - * Provide a supplier for custom HTTP clients. - * - * @param httpClientSupplier supplier for custom HTTP clients; if {@code null} a default client will be used - * @return the builder - */ - public GitHubSecurityAdvisoryClientBuilder withHttpClientSupplier(HttpAsyncClientSupplier httpClientSupplier) { - this.httpClientSupplier = httpClientSupplier; - return this; - } - - /** - * Build the GitHub SecurityAdvisory GraphQL API client. - * - * @return the GitHub SecurityAdvisory GraphQL API client - */ - public GitHubSecurityAdvisoryClient build() { - GitHubSecurityAdvisoryClient client = new GitHubSecurityAdvisoryClient(apiKey, endpoint, httpClientSupplier, - userAgent); - if (classifications != null) { - client.setClassifications(classifications); - } - if (publishedSince != null) { - client.setPublishedSinceFilter(publishedSince); - } - if (updatedSince != null) { - client.setUpdatedSinceFilter(updatedSince); - } - return client; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryException.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryException.java deleted file mode 100644 index 0c6c484b..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryException.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -/** - * Exception thrown if there is a problem calling the GitHub GraphQL API for Security Advisories. - * - * @author Jeremy Long - */ -public class GitHubSecurityAdvisoryException extends RuntimeException { - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -6615518803518244886L; - - /** - * Generate a new exception. - * - * @param message the message - */ - public GitHubSecurityAdvisoryException(String message) { - super(message); - } - - /** - * Generate a new exception. - * - * @param message the message - * @param cause the cause - */ - public GitHubSecurityAdvisoryException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Generate a new exception. - * - * @param cause the cause - */ - public GitHubSecurityAdvisoryException(Throwable cause) { - super(cause); - } -} - -/* - * - * { securityAdvisory(nodeId: "MDU6U2VjdXJpdHlBZHZpc29yeTEyMzQ1Ng==") { id publishedAt updatedAt withdrawnAt severity - * severityReason reference permalink description origin vulnerableSoftware { package version } unsupportedPackages { - * name } identifiers { type value } advisories { nodes { id databaseId } } nonAffectingPackages { package } - * firstPatchedVersion { identifier } } } - * - */ \ No newline at end of file diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Identifier.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Identifier.java deleted file mode 100644 index 218bcf59..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Identifier.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.util.Objects; - -/** - * A GitHub Security Advisory Identifier. - * - * 
- * type SecurityAdvisoryIdentifier
- *
- */ -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"type", "value"}) -public class Identifier implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 2677992599612907844L; - @JsonProperty("type") - private String type; - - @JsonProperty("value") - private String value; - - /** - * The identifier type, e.g. GHSA, CVE. - * - * @return the identifier type. - */ - public String getType() { - return type; - } - - /** - * The identifier. - * - * @return the identifier. - */ - public String getValue() { - return value; - } - - @Override - public String toString() { - return "Identifier{" + "type='" + type + '\'' + ", value='" + value + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Identifier that = (Identifier) o; - return Objects.equals(type, that.type) && Objects.equals(value, that.value); - } - - @Override - public int hashCode() { - return Objects.hash(type, value); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Package.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Package.java deleted file mode 100644 index 838a7333..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Package.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.util.Objects; - -/** - * An individual package. - * - * 
- * type SecurityAdvisoryPackage
- *
- */ -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"ecosystem", "name"}) -public class Package implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -2621050823818486600L; - @JsonProperty("ecosystem") - private String ecosystem; - - @JsonProperty("name") - private String name; - - /** - * The ecosystem the package belongs to, e.g. RUBYGEMS, NPM. - * - * @return The ecosystem the package belongs. - */ - public String getEcosystem() { - return ecosystem; - } - - /** - * The package name. - * - * @return the package name. - */ - public String getName() { - return name; - } - - @Override - public String toString() { - return "Package{" + "ecosystem='" + ecosystem + '\'' + ", name='" + name + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Package aPackage = (Package) o; - return Objects.equals(ecosystem, aPackage.ecosystem) && Objects.equals(name, aPackage.name); - } - - @Override - public int hashCode() { - return Objects.hash(ecosystem, name); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PackageVersion.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PackageVersion.java deleted file mode 100644 index 2545c340..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PackageVersion.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonInclude.Include; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; -import java.util.Objects; - -/** - * An individual package version. - * - * 
- * type SecurityAdvisoryPackageVersion
- *
- */ -@JsonInclude(Include.NON_NULL) -public class PackageVersion implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -4943323442084443993L; - @JsonProperty("identifier") - java.lang.String identifier; - - /** - * The package name or version - * @return the package name or version. - */ - public java.lang.String getIdentifier() { - return identifier; - } - - @Override - public String toString() { - return "PackageVersion{" + "identifier='" + identifier + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - PackageVersion that = (PackageVersion) o; - return Objects.equals(identifier, that.identifier); - } - - @Override - public int hashCode() { - return Objects.hash(identifier); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PageInfo.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PageInfo.java deleted file mode 100644 index d0fbc154..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/PageInfo.java +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; -import java.util.Objects; - -/** - * Information about pagination in a connection. - * - * 
- * type PageInfo
- *
- */ -@JsonIgnoreProperties(ignoreUnknown = true) -public class PageInfo implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 3732350657963712960L; - @JsonProperty("edgeshasNextPage") - private boolean hasNextPage; - - @JsonProperty("hasPreviousPage") - private boolean hasPreviousPage; - - @JsonProperty("endCursor") - private String endCursor; - - @JsonProperty("startCursor") - private String startCursor; - - /** - * When paginating forwards, are there more items? - * - * @return true if more pages exist; otherwise false. - */ - public boolean isHasNextPage() { - return hasNextPage; - } - - /** - * When paginating backwards, are there more items? - * - * @return true if previous pages exist; otherwise false. - */ - public boolean isHasPreviousPage() { - return hasPreviousPage; - } - - /** - * When paginating forwards, the cursor to continue. - * - * @return the cursor. - */ - public String getEndCursor() { - return endCursor; - } - - /** - * When paginating backwards, the cursor to continue. - * - * @return the cursor. - */ - public String getStartCursor() { - return startCursor; - } - - @Override - public String toString() { - return "PageInfo{" + "hasNextPage=" + hasNextPage + ", hasPreviousPage=" + hasPreviousPage + ", endCursor='" - + endCursor + '\'' + ", startCursor='" + startCursor + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - PageInfo pageInfo = (PageInfo) o; - return hasNextPage == pageInfo.hasNextPage && hasPreviousPage == pageInfo.hasPreviousPage - && Objects.equals(endCursor, pageInfo.endCursor) && Objects.equals(startCursor, pageInfo.startCursor); - } - - @Override - public int hashCode() { - return Objects.hash(hasNextPage, hasPreviousPage, endCursor, startCursor); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/RateLimit.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/RateLimit.java deleted file mode 100644 index 9ac4dc35..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/RateLimit.java +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; -import java.time.ZonedDateTime; -import java.util.Objects; - -/** - * Represents the client's rate limit. - * - * 
- * type RateLimit
- *
- */ -@JsonIgnoreProperties(ignoreUnknown = true) -public class RateLimit implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 1073162886358976399L; - @JsonProperty("limit") - private int limit; - - @JsonProperty("cost") - private int cost; - - @JsonProperty("remaining") - private int remaining; - - @JsonProperty("resetAt") - @JsonFormat(pattern = "uuu-MM-dd'T'HH:mm:ssX", timezone = "UTC") - private ZonedDateTime resetAt;// : 2023-02-11T14:04:20Z - - /** - * The maximum number of points the client is permitted to consume in a 60-minute window. - * - * @return the limit. - */ - public int getLimit() { - return limit; - } - - /** - * The point cost for the current query counting against the rate limit. - * - * @return the cost. - */ - public int getCost() { - return cost; - } - - /** - * The number of points remaining in the current rate limit window. - * - * @return the remaining points. - */ - public int getRemaining() { - return remaining; - } - - /** - * The time at which the current rate limit window resets in UTC epoch seconds. - * - * @return the time the rate limit window will reset. - */ - public ZonedDateTime getResetAt() { - return resetAt; - } - - @Override - public String toString() { - return "RateLimit{" + "limit=" + limit + ", cost=" + cost + ", remaining=" + remaining + ", resetAt=" + resetAt - + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - RateLimit rateLimit = (RateLimit) o; - return limit == rateLimit.limit && cost == rateLimit.cost && remaining == rateLimit.remaining - && Objects.equals(resetAt, rateLimit.resetAt); - } - - @Override - public int hashCode() { - return Objects.hash(limit, cost, remaining, resetAt); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Reference.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Reference.java deleted file mode 100644 index 551e3ba1..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Reference.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; -import java.util.Objects; - -/** - * A GitHub Security Advisory Reference. - * - * 
- * type SecurityAdvisoryReference
- *
- */ -@JsonIgnoreProperties(ignoreUnknown = true) -public class Reference implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 1985278256776999313L; - @JsonProperty("url") - private String url; - - /** - * Returns a publicly accessible reference. - * - * @return a publicly accessible reference. - */ - public String getUrl() { - return url; - } - - @Override - public String toString() { - return "Reference{" + "url='" + url + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Reference reference = (Reference) o; - return Objects.equals(url, reference.url); - } - - @Override - public int hashCode() { - return Objects.hash(url); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisories.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisories.java deleted file mode 100644 index 8801f506..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisories.java +++ /dev/null @@ -1,189 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; -import java.util.List; -import java.util.Objects; - -@JsonIgnoreProperties(ignoreUnknown = true) -public class SecurityAdvisories implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -7829868528353680425L; - @JsonProperty(value = "data", access = JsonProperty.Access.WRITE_ONLY) - private Data data; - - /** - * Returns the current rate limit information. - * - * @return the rate limit. - */ - @JsonIgnore - RateLimit getRateLimit() { - if (data == null) { - return null; - } - return data.rateLimit; - } - - /** - * Returns the list of security advisories. - * - * @return the security advisories. - */ - public List getSecurityAdvisories() { - if (data == null || data.securityAdvisories == null) { - return null; - } - return data.securityAdvisories.nodes; - } - - void setSecurityAdvisories(List advisories) { - if (data == null) { - data = new Data(); - data.securityAdvisories = new Advisories(); - } - data.securityAdvisories.nodes = advisories; - } - - /** - * Returns the current page info. - * - * @return the page info. - */ - @JsonIgnore - PageInfo getPageInfo() { - if (data == null || data.securityAdvisories == null) { - return null; - } - return data.securityAdvisories.getPageInfo(); - } - - /** - * The total count of security advisories. - * - * @return the total count. - */ - @JsonIgnore - public int getTotalCount() { - if (data == null || data.securityAdvisories == null) { - return 0; - } - return data.securityAdvisories.getTotalCount(); - } - - @Override - public String toString() { - if (data == null) { - return ""; - } - return data.toString(); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - SecurityAdvisories that = (SecurityAdvisories) o; - return Objects.equals(data, that.data); - } - - @Override - public int hashCode() { - return Objects.hash(data); - } - - /** - * Internal data object. - */ - @JsonIgnoreProperties(ignoreUnknown = true) - static class Data implements Serializable { - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 4441909076655785290L; - @JsonProperty("rateLimit") - private RateLimit rateLimit; - @JsonProperty("securityAdvisories") - private Advisories securityAdvisories; - - @Override - public String toString() { - return "Data{" + "rateLimit=" + rateLimit + ", securityAdvisories=" + securityAdvisories + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Data data = (Data) o; - return Objects.equals(rateLimit, data.rateLimit) - && Objects.equals(securityAdvisories, data.securityAdvisories); - } - - @Override - public int hashCode() { - return Objects.hash(rateLimit, securityAdvisories); - } - } - - /** - * internal security advisories. - */ - @JsonIgnoreProperties(ignoreUnknown = true) - static class Advisories extends AbstractPageable implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 9126577085167634044L; - @JsonProperty("nodes") - private List nodes; - - @Override - public String toString() { - return "SecurityAdvisories{" + "nodes=" + nodes + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Advisories that = (Advisories) o; - return Objects.equals(nodes, that.nodes); - } - - @Override - public int hashCode() { - return Objects.hash(nodes); - } - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisory.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisory.java deleted file mode 100644 index db694fe4..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisory.java +++ /dev/null @@ -1,322 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.time.ZonedDateTime; -import java.util.List; -import java.util.Objects; - -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"databaseId", "description", "ghsaId", "id", "identifiers", "notificationsPermalink", "origin", - "permalink", "publishedAt", "references", "severity", "summary", "updatedAt", "vulnerabilities", - "classification", "cvss", "cvssSeverities", "cwes", "withdrawnAt"}) -public class SecurityAdvisory implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -2165773800065764867L; - - @JsonProperty("databaseId") - private int databaseId; - - @JsonProperty("description") - private String description; - - @JsonProperty("ghsaId") - private String ghsaId; - - @JsonProperty("id") - private String id; - - @JsonProperty("identifiers") - private List identifiers; - - @JsonProperty("notificationsPermalink") - private String notificationsPermalink; - - @JsonProperty("origin") - private String origin; - - @JsonProperty("permalink") - private String permalink; - - @JsonProperty("publishedAt") - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ssX", timezone = "UTC") - private ZonedDateTime publishedAt; - - @JsonProperty("references") - private List references; - - @JsonProperty("severity") - private Severity severity; - - @JsonProperty("summary") - private String summary; - - @JsonProperty("updatedAt") - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ssX", timezone = "UTC") - private ZonedDateTime updatedAt; - - @JsonProperty("withdrawnAt") - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ssX", timezone = "UTC") - private ZonedDateTime withdrawnAt; - - @JsonProperty("classification") - private String classification; - - // https://docs.github.com/en/graphql/overview/breaking-changes#changes-scheduled-for-2025-10-01 - // cvss will be removed at 2025-10-01. - // New cvssSeverities field will now contain both cvssV3 and cvssV4 properties. - @Deprecated(forRemoval = true) - @JsonProperty("cvss") - private CVSS cvss; - - @JsonProperty("cvssSeverities") - private CVSSSeverities cvssSeverities; - - @JsonProperty(value = "cwes") - private CWEs cwes; - - @JsonProperty(value = "vulnerabilities") - private Vulnerabilities vulnerabilities; - - /** - * Identifies the primary key from the database. - * - * @return the primary key from the database. - */ - public int getDatabaseId() { - return databaseId; - } - - /** - * This is a long plaintext description of the advisory - * - * @return the description. - */ - public String getDescription() { - return description; - } - - /** - * The GitHub Security Advisory ID - * - * @return the GitHub Security Advisory ID. - */ - public String getGhsaId() { - return ghsaId; - } - - /** - * The id of the advisory. - * - * @return the id. - */ - public String getId() { - return id; - } - - /** - * A list of identifiers for this advisory. - * - * @return a list of identifiers for this advisory. - */ - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getIdentifiers() { - return identifiers; - } - - /** - * The permalink for the advisory's dependabot alerts page. - * - * @return the permalink for the advisory's dependabot alerts page. - */ - public String getNotificationsPermalink() { - return notificationsPermalink; - } - - /** - * The organization that originated the advisory. - * - * @return the organization that originated the advisory. - */ - public String getOrigin() { - return origin; - } - - /** - * The permalink for the advisory. - * - * @return the permalink for the advisory. - */ - public String getPermalink() { - return permalink; - } - - /** - * When the advisory was published. - * - * @return when the advisory was published. - */ - public ZonedDateTime getPublishedAt() { - return publishedAt; - } - - /** - * A list of references for this advisory. - * - * @return a list of references for this advisory. - */ - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getReferences() { - return references; - } - - /** - * The severity of the advisory. - * - * @return the severity of the advisory. - */ - public Severity getSeverity() { - return severity; - } - - /** - * A short plaintext summary of the advisory. - * - * @return a short plaintext summary of the advisory. - */ - public String getSummary() { - return summary; - } - - /** - * When the advisory was last updated. - * - * @return when the advisory was last updated - */ - public ZonedDateTime getUpdatedAt() { - return updatedAt; - } - - /** - * When the advisory was withdrawn, if it has been withdrawn. - * - * @return when the advisory was withdrawn, if it has been withdrawn - */ - public ZonedDateTime getWithdrawnAt() { - return withdrawnAt; - } - - /** - * The classification of the advisory. type, e.g. GENERAL, MALWARE. - * - * @return the classification of the advisory. - */ - public String getClassification() { - return classification; - } - - /** - * The CVSS associated with this advisory. - * - * @return the CVSS associated with this advisory. - */ - @Deprecated(forRemoval = true) - public CVSS getCvss() { - return cvss; - } - - /** - * The CVSS associated with this advisory. - * - * @return the CVSS associated with this advisory. - */ - public CVSSSeverities getCvssSeverities() { - return cvssSeverities; - } - - /** - * Returns CWE Page associated with this Advisory. - * - * @return CWEs associated with this Advisory. - */ - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public CWEs getCwes() { - return cwes; - } - - /** - * The vulnerable packages associated with the advisory. - * - * @return the vulnerable packages associated with the advisory. - */ - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Vulnerabilities getVulnerabilities() { - return vulnerabilities; - } - - @Override - public String toString() { - return "SecurityAdvisory{" + "databaseId=" + databaseId + ", description='" + description + '\'' + ", ghsaId='" - + ghsaId + '\'' + ", id='" + id + '\'' + ", identifiers=" + identifiers + ", notificationsPermalink='" - + notificationsPermalink + '\'' + ", origin='" + origin + '\'' + ", permalink='" + permalink + '\'' - + ", publishedAt=" + publishedAt + ", references=" + references + ", severity=" + severity - + ", summary='" + summary + '\'' + ", updatedAt=" + updatedAt + ", withdrawnAt=" + withdrawnAt - + ", classification=" + classification + ", cvss=" + cvss + ", cvssSeverities=" + cvssSeverities - + ", cwes=" + cwes + ", vulnerabilities=" + vulnerabilities + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - SecurityAdvisory that = (SecurityAdvisory) o; - return databaseId == that.databaseId && Objects.equals(description, that.description) - && Objects.equals(ghsaId, that.ghsaId) && Objects.equals(id, that.id) - && Objects.equals(identifiers, that.identifiers) - && Objects.equals(notificationsPermalink, that.notificationsPermalink) - && Objects.equals(origin, that.origin) && Objects.equals(permalink, that.permalink) - && Objects.equals(publishedAt, that.publishedAt) && Objects.equals(references, that.references) - && severity == that.severity && Objects.equals(summary, that.summary) - && Objects.equals(updatedAt, that.updatedAt) && Objects.equals(withdrawnAt, that.withdrawnAt) - && Objects.equals(classification, that.classification) && Objects.equals(cvss, that.cvss) - && Objects.equals(cvssSeverities, that.cvssSeverities) && Objects.equals(cwes, that.cwes) - && Objects.equals(vulnerabilities, that.vulnerabilities); - } - - @Override - public int hashCode() { - return Objects.hash(databaseId, description, ghsaId, id, identifiers, notificationsPermalink, origin, permalink, - publishedAt, references, severity, summary, updatedAt, withdrawnAt, classification, cvss, - cvssSeverities, cwes, vulnerabilities); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisoryResponse.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisoryResponse.java deleted file mode 100644 index 79239b75..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SecurityAdvisoryResponse.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; - -import java.io.Serializable; -import java.util.List; -import java.util.Objects; - -/** - * Internal class used to gather additional vulnerabilities if a security advisory has more than 100 entries. - */ -@JsonIgnoreProperties(ignoreUnknown = true) -class SecurityAdvisoryResponse implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 8674460088378561016L; - - @JsonProperty("data") - private Data data; - - /** - * Returns the current rate limit information. - * - * @return the rate limit. - */ - public RateLimit getRateLimit() { - return data.rateLimit; - } - - /** - * Returns the security advisory. - * - * @return the security advisory. - */ - public SecurityAdvisory getSecurityAdvisory() { - return data.securityAdvisory; - } - - @Override - public String toString() { - if (data == null) { - return ""; - } - return data.toString(); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - SecurityAdvisoryResponse that = (SecurityAdvisoryResponse) o; - return Objects.equals(data, that.data); - } - - @Override - public int hashCode() { - return Objects.hash(data); - } - - /** - * Internal data object. - */ - @JsonIgnoreProperties(ignoreUnknown = true) - static class Data implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 2397807130637898816L; - - @JsonProperty("rateLimit") - private RateLimit rateLimit; - @JsonProperty("securityAdvisory") - private SecurityAdvisory securityAdvisory; - - @Override - public String toString() { - return "Data{" + "rateLimit=" + rateLimit + ", securityAdvisory=" + securityAdvisory + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Data data = (Data) o; - return Objects.equals(rateLimit, data.rateLimit) && Objects.equals(securityAdvisory, data.securityAdvisory); - } - - @Override - public int hashCode() { - return Objects.hash(rateLimit, securityAdvisory); - } - } - - /** - * internal security advisories. - */ - @JsonIgnoreProperties(ignoreUnknown = true) - static class SecurityAdvisories implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 8768713070922340781L; - - @JsonProperty("nodes") - private List nodes; - - @JsonProperty("totalCount") - private int totalCount; - - @JsonProperty("pageInfo") - private PageInfo pageInfo; - - @Override - public String toString() { - return "Advisories{" + "nodes=" + nodes + ", totalCount=" + totalCount + ", pageInfo=" + pageInfo + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - SecurityAdvisories that = (SecurityAdvisories) o; - return totalCount == that.totalCount && Objects.equals(nodes, that.nodes) - && Objects.equals(pageInfo, that.pageInfo); - } - - @Override - public int hashCode() { - return Objects.hash(nodes, totalCount, pageInfo); - } - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Severity.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Severity.java deleted file mode 100644 index e482db9a..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Severity.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -/** - * Severity of the vulnerability. - * - * 
- * enum SecurityAdvisorySeverity
- *
- */ -public enum Severity { - - CRITICAL("CRITICAL"), HIGH("HIGH"), LOW("LOW"), MODERATE("MODERATE"); - - private final String value; - - Severity(String graphQlValue) { - this.value = graphQlValue; - } - - /** - * Returns the enum constant of this type with the specified name. - * - * @param value the value. - * @return the enum constant with the specified name. - * @throws IllegalArgumentException if this enum type has no constant with the specified GraphQL name - */ - static public Severity fromValue(String value) { - if (value == null) { - return null; - } - for (Severity e : Severity.values()) { - if (e.value().equals(value)) { - return e; - } - } - throw new IllegalArgumentException("No Severity exists with '" + value + "' as a value"); - } - - /** - * Returns the value of this constant. - * - * @return the enum constant with the specified name. - */ - public String value() { - return value; - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SimpleFutureResponse.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SimpleFutureResponse.java deleted file mode 100644 index 7cc34c77..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/SimpleFutureResponse.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import org.apache.hc.client5.http.async.methods.SimpleHttpResponse; -import org.apache.hc.core5.concurrent.FutureCallback; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Future response. - */ -class SimpleFutureResponse implements FutureCallback { - /** - * Reference to the logger. - */ - private final Logger log = LoggerFactory.getLogger(SimpleFutureResponse.class); - - @Override - public void completed(SimpleHttpResponse result) { - } - - @Override - public void failed(Exception ex) { - log.debug("request failed", ex); - } - - @Override - public void cancelled() { - // do nothing - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerabilities.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerabilities.java deleted file mode 100644 index 989e12ca..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerabilities.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.List; -import java.util.Objects; - -@JsonIgnoreProperties(ignoreUnknown = true) -public class Vulnerabilities extends AbstractPageable implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 8316863821743858477L; - - @JsonProperty("edges") - private List vulnerabilities; - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - @JsonIgnore - public List getEdges() { - return vulnerabilities; - } - - boolean addAllVulnerabilities(List v) { - return vulnerabilities.addAll(v); - } - - @Override - public String toString() { - return "Vulnerabilities{" + "vulnerabilities=" + vulnerabilities + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Vulnerabilities that = (Vulnerabilities) o; - return Objects.equals(vulnerabilities, that.vulnerabilities); - } - - @Override - public int hashCode() { - return Objects.hash(vulnerabilities); - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerability.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerability.java deleted file mode 100644 index f21bf0ec..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/ghsa/Vulnerability.java +++ /dev/null @@ -1,257 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.time.ZonedDateTime; -import java.util.Objects; - -/** - * A GitHub Security Advisory Identifier. - * - * 
- * type SecurityAdvisoryIdentifier
- *
- */ -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"severity", "updatedAt", "firstPatchedVersion", "vulnerableVersionRange", "package"}) -public class Vulnerability implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -7379296334249178368L; - @JsonProperty(value = "node", access = JsonProperty.Access.WRITE_ONLY) - private VulnerabilityRecord node; - - /** - * The first version containing a fix for the vulnerability. - * - * @return the first version containing a fix for the vulnerability. - */ - @JsonProperty(value = "firstPatchedVersion") - public PackageVersion getFirstPatchedVersion() { - if (node == null) { - return null; - } - return node.firstPatchedVersion; - } - - /** - * Internal setter for deserialization. - * - * @param packageVersion the version. - */ - @JsonProperty(value = "firstPatchedVersion") - void setFirstPatchedVersion(PackageVersion packageVersion) { - if (node == null) { - node = new VulnerabilityRecord(); - } - node.firstPatchedVersion = packageVersion; - } - - /** - * A description of the vulnerable package. - * - * @return a description of the vulnerable package. - */ - @JsonProperty(value = "package") - public Package getPackage() { - if (node == null) { - return null; - } - return node.pkg; - } - - /** - * Internal setter for deserialization. - * - * @param pkg the package - */ - @JsonProperty(value = "package") - void setPackage(Package pkg) { - if (node == null) { - node = new VulnerabilityRecord(); - } - node.pkg = pkg; - } - - /** - * The severity of the vulnerability within this package. - * - * @return the severity of the vulnerability within this package. - */ - @JsonProperty(value = "severity") - public Severity getSeverity() { - if (node == null) { - return null; - } - return node.severity; - } - - /** - * Internal setter for deserialization. - * - * @param severity severity - */ - @JsonProperty(value = "severity") - void setSeverity(Severity severity) { - if (node == null) { - node = new VulnerabilityRecord(); - } - node.severity = severity; - } - - /** - * When the vulnerability was last updated. - * - * @return when the vulnerability was last updated. - */ - @JsonProperty(value = "updatedAt") - public ZonedDateTime getUpdatedAt() { - if (node == null) { - return null; - } - return node.updatedAt; - } - - /** - * Internal setter for deserialization. - * - * @param updatedAt updated date time - */ - @JsonProperty(value = "updatedAt") - void setUpdatedAt(ZonedDateTime updatedAt) { - if (node == null) { - node = new VulnerabilityRecord(); - } - node.updatedAt = updatedAt; - } - - /** - * A string that describes the vulnerable package versions. This string follows a basic syntax with a few forms. - * - * 
-     *   `= 0.2.0` denotes a single vulnerable version.
-     *   `>= 1.0.8` denotes a version range up to and including the specified version
-     *   `< 0.1.11` denotes a version range up to, but excluding, the specified version
-     *   `>= 4.3.0, < 4.3.5` denotes a version range with a known minimum and maximum version.
-     *   `>= 0.0.1` denotes a version range with a known minimum, but no known maximum
-     *
- * - * @return the range. - */ - @JsonProperty(value = "vulnerableVersionRange") - public String getVulnerableVersionRange() { - if (node == null) { - return null; - } - return node.vulnerableVersionRange; - } - - /** - * Internal setter for deserialization. - * - * @param range the range - */ - @JsonProperty(value = "vulnerableVersionRange") - void setVulnerableVersionRange(String range) { - if (node == null) { - node = new VulnerabilityRecord(); - } - node.vulnerableVersionRange = range; - } - - @Override - public String toString() { - return "Vulnerability[" + node + ']'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Vulnerability that = (Vulnerability) o; - return Objects.equals(node, that.node); - } - - @Override - public int hashCode() { - return Objects.hash(node); - } - - /** - * An individual vulnerability within an Advisory. - * - * 
-     * type SecurityVulnerability
-     *
- */ - @JsonIgnoreProperties(ignoreUnknown = true) - static class VulnerabilityRecord implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -3820979074950827855L; - - @JsonProperty("firstPatchedVersion") - private PackageVersion firstPatchedVersion; - - @JsonProperty("package") - private Package pkg; - - @JsonProperty("severity") - private Severity severity; - - @JsonProperty("updatedAt") - private ZonedDateTime updatedAt; - - @JsonProperty("vulnerableVersionRange") - private String vulnerableVersionRange; - - @Override - public String toString() { - return "VulnerabilityRecord{" + "firstPatchedVersion=" + firstPatchedVersion + ", pkg=" + pkg - + ", severity=" + severity + ", updatedAt=" + updatedAt + ", vulnerableVersionRange='" - + vulnerableVersionRange + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - VulnerabilityRecord that = (VulnerabilityRecord) o; - return Objects.equals(firstPatchedVersion, that.firstPatchedVersion) && Objects.equals(pkg, that.pkg) - && severity == that.severity && Objects.equals(updatedAt, that.updatedAt) - && Objects.equals(vulnerableVersionRange, that.vulnerableVersionRange); - } - - @Override - public int hashCode() { - return Objects.hash(firstPatchedVersion, pkg, severity, updatedAt, vulnerableVersionRange); - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevCatalog.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevCatalog.java deleted file mode 100644 index 182babe2..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevCatalog.java +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.kev; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.time.ZonedDateTime; -import java.util.List; - -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"cve", "epss", "percentile"}) -public class KevCatalog implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 3682701556631237639L; - @JsonProperty("vulnerabilities") - List vulnerabilities; - @JsonProperty("title") - private String title; - @JsonProperty("catalogVersion") - private String catalogVersion; - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ss[.[SSSSSSSSS][SSSSSSSS][SSSSSSS][SSSSSS][SSSSS][SSSS][SSS][SS][S]]X", timezone = "UTC") - @JsonProperty("dateReleased") - private ZonedDateTime dateReleased; - @JsonProperty("count") - private int count; - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getVulnerabilities() { - return vulnerabilities; - } - - public String getTitle() { - return title; - } - - public String getCatalogVersion() { - return catalogVersion; - } - - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ssX", timezone = "UTC") - public ZonedDateTime getDateReleased() { - return dateReleased; - } - - public int getCount() { - return count; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevDataFeed.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevDataFeed.java deleted file mode 100644 index d75fdda4..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevDataFeed.java +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.kev; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import io.github.jeremylong.openvulnerability.client.DataFeed; -import io.github.jeremylong.openvulnerability.client.HttpClientSupplier; -import org.apache.hc.client5.http.classic.methods.HttpGet; -import org.apache.hc.client5.http.impl.classic.BasicHttpClientResponseHandler; -import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; - -import java.io.IOException; - -/** - * Data Feed for the CISA Known Exploited Vulnerabilities Catalog. - * - * @see https://www.cisa.gov/known-exploited-vulnerabilities-catalog - */ -public class KevDataFeed implements DataFeed { - private final static String DEFAULT_LOCATION = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"; - /** - * Jackson object mapper. - */ - private final ObjectMapper objectMapper; - private final HttpClientSupplier httpClientSupplier; - private final String downloadUrl; - - public KevDataFeed() { - this(DEFAULT_LOCATION); - } - - public KevDataFeed(String downloadUrl) { - this(downloadUrl, null); - } - - public KevDataFeed(String downloadUrl, HttpClientSupplier httpClientSupplier) { - this.downloadUrl = downloadUrl; - this.httpClientSupplier = httpClientSupplier != null ? httpClientSupplier : HttpClientSupplier.getDefault(); - objectMapper = new ObjectMapper(); - objectMapper.registerModule(new JavaTimeModule()); - } - - @Override - public KevCatalog download() { - HttpGet request = new HttpGet(downloadUrl); - String json; - try (CloseableHttpClient client = httpClientSupplier.get()) { - json = client.execute(request, new BasicHttpClientResponseHandler()); - } catch (IOException e) { - throw new KevException("Unable to download the Known Exploitable Vulnerability Catalog", e); - } - try { - return objectMapper.readValue(json, KevCatalog.class); - } catch (JsonProcessingException e) { - throw new KevException("Failed to parse JSON starting with: \"" + json.substring(0, 100) + "\"", e); - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevException.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevException.java deleted file mode 100644 index c97459a0..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevException.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.kev; - -/** - * Exception thrown if there is a problem with the EPSS Data Feed. - * - * @author Jeremy Long - */ -public class KevException extends RuntimeException { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 154565603317514766L; - - /** - * Generate a new exception. - * - * @param message the message - */ - public KevException(String message) { - super(message); - } - - /** - * Generate a new exception. - * - * @param message the message - * @param cause the cause - */ - public KevException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Generate a new exception. - * - * @param cause the cause - */ - public KevException(Throwable cause) { - super(cause); - } -} - -/* - * - * { securityAdvisory(nodeId: "MDU6U2VjdXJpdHlBZHZpc29yeTEyMzQ1Ng==") { id publishedAt updatedAt withdrawnAt severity - * severityReason reference permalink description origin vulnerableSoftware { package version } unsupportedPackages { - * name } identifiers { type value } advisories { nodes { id databaseId } } nonAffectingPackages { package } - * firstPatchedVersion { identifier } } } - * - */ \ No newline at end of file diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevItem.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevItem.java deleted file mode 100644 index 7158d094..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/kev/KevItem.java +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.kev; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.Date; - -/** - * Known Exploited Vulnerability. - */ -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"cveID", "vendorProject", "product", "vulnerabilityName", "dateAdded", "shortDescription", - "requiredAction", "dueDate", "notes"}) -public class KevItem implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -7179717694761725798L; - @JsonProperty("cveID") - private String cveID; - @JsonProperty("vendorProject") - private String vendorProject; - @JsonProperty("product") - private String product; - @JsonProperty("vulnerabilityName") - private String vulnerabilityName; - @JsonProperty("dateAdded") - @JsonFormat(pattern = "uuuu-MM-dd") - private Date dateAdded; - @JsonProperty("shortDescription") - private String shortDescription; - @JsonProperty("requiredAction") - private String requiredAction; - @JsonProperty("dueDate") - @JsonFormat(pattern = "uuuu-MM-dd") - private Date dueDate; - @JsonProperty("notes") - private String notes; - - public String getCveID() { - return cveID; - } - - public String getVendorProject() { - return vendorProject; - } - - public String getProduct() { - return product; - } - - public String getVulnerabilityName() { - return vulnerabilityName; - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Date getDateAdded() { - return dateAdded; - } - - public String getShortDescription() { - return shortDescription; - } - - public String getRequiredAction() { - return requiredAction; - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Date getDueDate() { - return dueDate; - } - - public String getNotes() { - return notes; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Config.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Config.java deleted file mode 100644 index cd884883..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Config.java +++ /dev/null @@ -1,152 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"operator", "negate", "nodes"}) -public class Config implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -6652299014788641511L; - @JsonProperty("operator") - private Operator operator; - @JsonProperty("negate") - private Boolean negate; - /** - * (Required) - */ - @JsonProperty("nodes") - private List nodes; - - public Config() { - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Config(Operator operator, Boolean negate, List nodes) { - this.operator = operator; - this.negate = negate; - this.nodes = nodes; - } - - /** - * @return operator - */ - @JsonProperty("operator") - public Operator getOperator() { - return operator; - } - - /** - * @return negate - */ - @JsonProperty("negate") - public Boolean getNegate() { - return negate; - } - - /** - * (Required) - * - * @return nodes - */ - @JsonProperty("nodes") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getNodes() { - return nodes; - } - - @Override - public String toString() { - return "Config{" + "operator=" + operator + ", negate=" + negate + ", nodes=" + nodes + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Config config = (Config) o; - return operator == config.operator && Objects.equals(negate, config.negate) - && Objects.equals(nodes, config.nodes); - } - - @Override - public int hashCode() { - return Objects.hash(operator, negate, nodes); - } - - public enum Operator { - - AND("AND"), OR("OR"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Operator c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Operator(String value) { - this.value = value; - } - - @JsonCreator - public static Operator fromValue(String value) { - Operator constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CpeMatch.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CpeMatch.java deleted file mode 100644 index f77e6ef3..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CpeMatch.java +++ /dev/null @@ -1,168 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.util.Objects; - -/** - * CPE match string or range - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"vulnerable", "criteria", "versionStartExcluding", "versionStartIncluding", "versionEndExcluding", - "versionEndIncluding", "matchCriteriaId"}) -public class CpeMatch implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -7954886227420487016L; - /** - * (Required) - */ - @JsonProperty("vulnerable") - private Boolean vulnerable; - /** - * (Required) - */ - @JsonProperty("criteria") - private String criteria; - /** - * (Required) - */ - @JsonProperty("matchCriteriaId") - private String matchCriteriaId; - @JsonProperty("versionStartExcluding") - private String versionStartExcluding; - @JsonProperty("versionStartIncluding") - private String versionStartIncluding; - @JsonProperty("versionEndExcluding") - private String versionEndExcluding; - @JsonProperty("versionEndIncluding") - private String versionEndIncluding; - - public CpeMatch() { - } - - public CpeMatch(Boolean vulnerable, String criteria, String matchCriteriaId, String versionStartExcluding, - String versionStartIncluding, String versionEndExcluding, String versionEndIncluding) { - this.vulnerable = vulnerable; - this.criteria = criteria; - this.matchCriteriaId = matchCriteriaId; - this.versionStartExcluding = versionStartExcluding; - this.versionStartIncluding = versionStartIncluding; - this.versionEndExcluding = versionEndExcluding; - this.versionEndIncluding = versionEndIncluding; - } - - /** - * (Required) - * - * @return vulnerable - */ - @JsonProperty("vulnerable") - public Boolean getVulnerable() { - return vulnerable; - } - - /** - * (Required) - * - * @return criteria - */ - @JsonProperty("criteria") - public String getCriteria() { - return criteria; - } - - /** - * (Required) - * - * @return matchCriteriaId - */ - @JsonProperty("matchCriteriaId") - public String getMatchCriteriaId() { - return matchCriteriaId; - } - - /** - * @return versionStartExcluding - */ - @JsonProperty("versionStartExcluding") - public String getVersionStartExcluding() { - return versionStartExcluding; - } - - /** - * @return versionStartIncluding - */ - @JsonProperty("versionStartIncluding") - public String getVersionStartIncluding() { - return versionStartIncluding; - } - - /** - * @return versionStartIncluding - */ - @JsonProperty("versionEndExcluding") - public String getVersionEndExcluding() { - return versionEndExcluding; - } - - /** - * @return versionEndIncluding - */ - @JsonProperty("versionEndIncluding") - public String getVersionEndIncluding() { - return versionEndIncluding; - } - - @Override - public String toString() { - return "CpeMatch{" + "vulnerable=" + vulnerable + ", criteria='" + criteria + '\'' + ", matchCriteriaId=" - + matchCriteriaId + ", versionStartExcluding='" + versionStartExcluding + '\'' - + ", versionStartIncluding='" + versionStartIncluding + '\'' + ", versionEndExcluding='" - + versionEndExcluding + '\'' + ", versionEndIncluding='" + versionEndIncluding + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CpeMatch cpeMatch = (CpeMatch) o; - return Objects.equals(vulnerable, cpeMatch.vulnerable) && Objects.equals(criteria, cpeMatch.criteria) - && Objects.equals(matchCriteriaId, cpeMatch.matchCriteriaId) - && Objects.equals(versionStartExcluding, cpeMatch.versionStartExcluding) - && Objects.equals(versionStartIncluding, cpeMatch.versionStartIncluding) - && Objects.equals(versionEndExcluding, cpeMatch.versionEndExcluding) - && Objects.equals(versionEndIncluding, cpeMatch.versionEndIncluding); - } - - @Override - public int hashCode() { - return Objects.hash(vulnerable, criteria, matchCriteriaId, versionStartExcluding, versionStartIncluding, - versionEndExcluding, versionEndIncluding); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveApiJson20.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveApiJson20.java deleted file mode 100644 index 78183e67..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveApiJson20.java +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.time.ZonedDateTime; -import java.util.List; -import java.util.Objects; - -/** - * JSON Schema for NVD Vulnerability Data API version 2.0 - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"resultsPerPage", "startIndex", "totalResults", "format", "version", "timestamp", - "vulnerabilities"}) -public class CveApiJson20 implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -7123674591462255117L; - /** - * (Required) - */ - @JsonProperty("resultsPerPage") - private Integer resultsPerPage; - /** - * (Required) - */ - @JsonProperty("startIndex") - private Integer startIndex; - /** - * (Required) - */ - @JsonProperty("totalResults") - private Integer totalResults; - /** - * (Required) - */ - @JsonProperty("format") - private String format; - /** - * (Required) - */ - @JsonProperty("version") - private String version; - /** - * (Required) - */ - @JsonProperty("timestamp") - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ss.SSS", timezone = "UTC") - private ZonedDateTime timestamp; - /** - * NVD feed array of CVE (Required) - */ - @JsonProperty("vulnerabilities") - @JsonPropertyDescription("NVD feed array of CVE") - private List vulnerabilities; - - public CveApiJson20() { - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public CveApiJson20(Integer resultsPerPage, Integer startIndex, Integer totalResults, String format, String version, - ZonedDateTime timestamp, List vulnerabilities) { - this.resultsPerPage = resultsPerPage; - this.startIndex = startIndex; - this.totalResults = totalResults; - this.format = format; - this.version = version; - this.timestamp = timestamp; - this.vulnerabilities = vulnerabilities; - } - - /** - * (Required) - * - * @return resultsPerPage - */ - @JsonProperty("resultsPerPage") - public Integer getResultsPerPage() { - return resultsPerPage; - } - - /** - * (Required) - * - * @return startIndex - */ - @JsonProperty("startIndex") - public Integer getStartIndex() { - return startIndex; - } - - /** - * (Required) - * - * @return totalResults - */ - @JsonProperty("totalResults") - public Integer getTotalResults() { - return totalResults; - } - - /** - * (Required) - * - * @return format - */ - @JsonProperty("format") - public String getFormat() { - return format; - } - - /** - * (Required) - * - * @return version - */ - @JsonProperty("version") - public String getVersion() { - return version; - } - - /** - * (Required) - * - * @return timestamp - */ - @JsonProperty("timestamp") - public ZonedDateTime getTimestamp() { - return timestamp; - } - - /** - * NVD feed array of CVE (Required) - * - * @return vulnerabilities - */ - @JsonProperty("vulnerabilities") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getVulnerabilities() { - return vulnerabilities; - } - - @Override - public String toString() { - return "CveApiJson20{" + "resultsPerPage=" + resultsPerPage + ", startIndex=" + startIndex + ", totalResults=" - + totalResults + ", format='" + format + '\'' + ", version='" + version + '\'' + ", timestamp=" - + timestamp + ", vulnerabilities=" + vulnerabilities + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CveApiJson20 that = (CveApiJson20) o; - return Objects.equals(resultsPerPage, that.resultsPerPage) && Objects.equals(startIndex, that.startIndex) - && Objects.equals(totalResults, that.totalResults) && Objects.equals(format, that.format) - && Objects.equals(version, that.version) && Objects.equals(timestamp, that.timestamp) - && Objects.equals(vulnerabilities, that.vulnerabilities); - } - - @Override - public int hashCode() { - return Objects.hash(resultsPerPage, startIndex, totalResults, format, version, timestamp, vulnerabilities); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveItem.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveItem.java deleted file mode 100644 index 1a2700e2..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveItem.java +++ /dev/null @@ -1,351 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.time.LocalDate; -import java.time.ZonedDateTime; -import java.util.List; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"id", "sourceIdentifier", "published", "lastModified", "vulnStatus", "evaluatorComment", - "evaluatorSolution", "evaluatorImpact", "cisaExploitAdd", "cisaActionDue", "cisaRequiredAction", - "cisaVulnerabilityName", "cveTags", "descriptions", "vendorComments", "metrics", "weaknesses", "configurations", - "references"}) -public class CveItem implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -3429894394769351686L; - /** - * (Required) - */ - @JsonProperty("id") - private String id; - @JsonProperty("sourceIdentifier") - private String sourceIdentifier; - @JsonProperty("vulnStatus") - private String vulnStatus; - /** - * (Required) - */ - @JsonProperty("published") - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ss.SSS", timezone = "UTC") - private ZonedDateTime published; - /** - * (Required) - */ - @JsonProperty("lastModified") - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ss.SSS", timezone = "UTC") - private ZonedDateTime lastModified; - @JsonProperty("evaluatorComment") - private String evaluatorComment; - @JsonProperty("evaluatorSolution") - private String evaluatorSolution; - @JsonProperty("evaluatorImpact") - private String evaluatorImpact; - @JsonProperty("cisaExploitAdd") - @JsonFormat(pattern = "yyyy-MM-dd") - private LocalDate cisaExploitAdd; - @JsonProperty("cisaActionDue") - @JsonFormat(pattern = "yyyy-MM-dd") - private LocalDate cisaActionDue; - @JsonProperty("cisaRequiredAction") - private String cisaRequiredAction; - @JsonProperty("cisaVulnerabilityName") - private String cisaVulnerabilityName; - @JsonProperty("cveTags") - private List cveTags; - /** - * (Required) - */ - @JsonProperty("descriptions") - private List descriptions; - /** - * (Required) - */ - @JsonProperty("references") - private List references; - /** - * Metric scores for a vulnerability as found on NVD. - */ - @JsonProperty("metrics") - @JsonPropertyDescription("Metric scores for a vulnerability as found on NVD.") - private Metrics metrics; - @JsonProperty("weaknesses") - private List weaknesses; - @JsonProperty("configurations") - private List configurations; - @JsonProperty("vendorComments") - private List vendorComments; - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public CveItem(String id, String sourceIdentifier, String vulnStatus, ZonedDateTime published, - ZonedDateTime lastModified, String evaluatorComment, String evaluatorSolution, String evaluatorImpact, - LocalDate cisaExploitAdd, LocalDate cisaActionDue, String cisaRequiredAction, String cisaVulnerabilityName, - List cveTags, List descriptions, List references, Metrics metrics, - List weaknesses, List configurations, List vendorComments) { - this.id = id; - this.sourceIdentifier = sourceIdentifier; - this.vulnStatus = vulnStatus; - this.published = published; - this.lastModified = lastModified; - this.evaluatorComment = evaluatorComment; - this.evaluatorSolution = evaluatorSolution; - this.evaluatorImpact = evaluatorImpact; - this.cisaExploitAdd = cisaExploitAdd; - this.cisaActionDue = cisaActionDue; - this.cisaRequiredAction = cisaRequiredAction; - this.cisaVulnerabilityName = cisaVulnerabilityName; - this.cveTags = cveTags; - this.descriptions = descriptions; - this.references = references; - this.metrics = metrics; - this.weaknesses = weaknesses; - this.configurations = configurations; - this.vendorComments = vendorComments; - } - - public CveItem() { - } - - /** - * @return id - */ - @JsonProperty("id") - public String getId() { - return id; - } - - /** - * @return sourceIdentifier - */ - @JsonProperty("sourceIdentifier") - public String getSourceIdentifier() { - return sourceIdentifier; - } - - /** - * @return vulnStatus - */ - @JsonProperty("vulnStatus") - public String getVulnStatus() { - return vulnStatus; - } - - /** - * @return published - */ - @JsonProperty("published") - public ZonedDateTime getPublished() { - return published; - } - - /** - * @return lastModified - */ - @JsonProperty("lastModified") - public ZonedDateTime getLastModified() { - return lastModified; - } - - /** - * @return evaluatorComment - */ - @JsonProperty("evaluatorComment") - public String getEvaluatorComment() { - return evaluatorComment; - } - - /** - * @return evaluatorSolution - */ - @JsonProperty("evaluatorSolution") - public String getEvaluatorSolution() { - return evaluatorSolution; - } - - /** - * @return evaluatorImpact - */ - @JsonProperty("evaluatorImpact") - public String getEvaluatorImpact() { - return evaluatorImpact; - } - - /** - * @return cisaExploitAdd - */ - @JsonProperty("cisaExploitAdd") - public LocalDate getCisaExploitAdd() { - return cisaExploitAdd; - } - - /** - * @return cisaActionDue - */ - @JsonProperty("cisaActionDue") - public LocalDate getCisaActionDue() { - return cisaActionDue; - } - - /** - * @return cisaRequiredAction - */ - @JsonProperty("cisaRequiredAction") - public String getCisaRequiredAction() { - return cisaRequiredAction; - } - - /** - * @return cisaVulnerabilityName - */ - @JsonProperty("cisaVulnerabilityName") - public String getCisaVulnerabilityName() { - return cisaVulnerabilityName; - } - - /** - * @return cveTags - */ - @JsonProperty("cveTags") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP"}, justification = "I prefer to suppress these FindBugs warnings") - public List getCveTags() { - return cveTags; - } - - /** - * (Required) - * - * @return descriptions - */ - @JsonProperty("descriptions") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getDescriptions() { - return descriptions; - } - - /** - * (Required) - * - * @return references - */ - @JsonProperty("references") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getReferences() { - return references; - } - - /** - * Metric scores for a vulnerability as found on NVD. - * - * @return metrics - */ - @JsonProperty("metrics") - public Metrics getMetrics() { - return metrics; - } - - /** - * @return weaknesses - */ - @JsonProperty("weaknesses") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getWeaknesses() { - return weaknesses; - } - - /** - * @return configurations - */ - @JsonProperty("configurations") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getConfigurations() { - return configurations; - } - - /** - * @return vendorComments - */ - @JsonProperty("vendorComments") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getVendorComments() { - return vendorComments; - } - - @Override - public String toString() { - return "CveItem{" + "id='" + id + '\'' + ", sourceIdentifier='" + sourceIdentifier + '\'' + ", vulnStatus='" - + vulnStatus + '\'' + ", published=" + published + ", lastModified=" + lastModified - + ", evaluatorComment='" + evaluatorComment + '\'' + ", evaluatorSolution='" + evaluatorSolution + '\'' - + ", evaluatorImpact='" + evaluatorImpact + '\'' + ", cisaExploitAdd=" + cisaExploitAdd - + ", cisaActionDue=" + cisaActionDue + ", cisaRequiredAction='" + cisaRequiredAction + '\'' - + ", cisaVulnerabilityName='" + cisaVulnerabilityName + '\'' + ", cveTags=" + cveTags - + ", descriptions=" + descriptions + ", references=" + references + ", metrics=" + metrics - + ", weaknesses=" + weaknesses + ", configurations=" + configurations + ", vendorComments=" - + vendorComments + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CveItem cveItem = (CveItem) o; - return Objects.equals(id, cveItem.id) && Objects.equals(sourceIdentifier, cveItem.sourceIdentifier) - && Objects.equals(vulnStatus, cveItem.vulnStatus) && Objects.equals(published, cveItem.published) - && Objects.equals(lastModified, cveItem.lastModified) - && Objects.equals(evaluatorComment, cveItem.evaluatorComment) - && Objects.equals(evaluatorSolution, cveItem.evaluatorSolution) - && Objects.equals(evaluatorImpact, cveItem.evaluatorImpact) - && Objects.equals(cisaExploitAdd, cveItem.cisaExploitAdd) - && Objects.equals(cisaActionDue, cveItem.cisaActionDue) - && Objects.equals(cisaRequiredAction, cveItem.cisaRequiredAction) - && Objects.equals(cisaVulnerabilityName, cveItem.cisaVulnerabilityName) - && Objects.equals(cveTags, cveItem.cveTags) && Objects.equals(descriptions, cveItem.descriptions) - && Objects.equals(references, cveItem.references) && Objects.equals(metrics, cveItem.metrics) - && Objects.equals(weaknesses, cveItem.weaknesses) - && Objects.equals(configurations, cveItem.configurations) - && Objects.equals(vendorComments, cveItem.vendorComments); - } - - @Override - public int hashCode() { - return Objects.hash(id, sourceIdentifier, vulnStatus, published, lastModified, evaluatorComment, - evaluatorSolution, evaluatorImpact, cisaExploitAdd, cisaActionDue, cisaRequiredAction, - cisaVulnerabilityName, cveTags, descriptions, references, metrics, weaknesses, configurations, - vendorComments); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveTag.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveTag.java deleted file mode 100644 index 8fd8cc24..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CveTag.java +++ /dev/null @@ -1,131 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"sourceIdentifier", "tags"}) -public class CveTag implements Serializable { - private static final long serialVersionUID = 6119071096772721680L; - - /** - * The email address or UUID of the source that contributed the information - */ - @JsonProperty("sourceIdentifier") - private String sourceIdentifier; - - @JsonProperty("tags") - private List tags; - - public CveTag() { - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public CveTag(String sourceIdentifier, List tags) { - this.sourceIdentifier = sourceIdentifier; - this.tags = tags; - } - - /** - * @return sourceIdentifier - */ - @JsonProperty("sourceIdentifier") - public String getSourceIdentifier() { - return sourceIdentifier; - } - - /** - * @return tags - */ - @JsonProperty("tags") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP"}, justification = "I prefer to suppress these FindBugs warnings") - public List getTags() { - return tags; - } - - @Override - public String toString() { - return "CveTag{" + "sourceIdentifier='" + sourceIdentifier + '\'' + ", tags=" + tags + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - - CveTag cveTag = (CveTag) o; - return Objects.equals(sourceIdentifier, cveTag.sourceIdentifier) && Objects.equals(tags, cveTag.tags); - } - - @Override - public int hashCode() { - return Objects.hash(sourceIdentifier, tags); - } - - public enum TagType { - UNSUPPORTED_WHEN_ASSIGNED("unsupported-when-assigned"), EXCLUSIVELY_HOSTED_SERVICE( - "exclusively-hosted-service"), DISPUTED("disputed"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (TagType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - TagType(String value) { - this.value = value; - } - - @JsonCreator - public static TagType fromValue(String value) { - TagType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2.java deleted file mode 100644 index c4be92ab..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2.java +++ /dev/null @@ -1,285 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"source", "type", "cvssData", "baseSeverity", "exploitabilityScore", "impactScore", "acInsufInfo", - "obtainAllPrivilege", "obtainUserPrivilege", "obtainOtherPrivilege", "userInteractionRequired"}) -public class CvssV2 implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 7595837336051753457L; - - public CvssV2() { - } - - public CvssV2(String source, Type type, CvssV2Data cvssData, String baseSeverity, Double exploitabilityScore, - Double impactScore, Boolean acInsufInfo, Boolean obtainAllPrivilege, Boolean obtainUserPrivilege, - Boolean obtainOtherPrivilege, Boolean userInteractionRequired) { - this.source = source; - this.type = type; - this.cvssData = cvssData; - this.baseSeverity = baseSeverity; - this.exploitabilityScore = exploitabilityScore; - this.impactScore = impactScore; - this.acInsufInfo = acInsufInfo; - this.obtainAllPrivilege = obtainAllPrivilege; - this.obtainUserPrivilege = obtainUserPrivilege; - this.obtainOtherPrivilege = obtainOtherPrivilege; - this.userInteractionRequired = userInteractionRequired; - } - - /** - * (Required) - */ - @JsonProperty("source") - private String source; - /** - * (Required) - */ - @JsonProperty("type") - private Type type; - /** - * JSON Schema for Common Vulnerability Scoring System version 2.0 - *

- * (Required) - */ - @JsonProperty("cvssData") - private CvssV2Data cvssData; - /** - * The base severity - appears to be a mistake in the schema as this is duplicated in the CvssV2Data data and this - * field is never populated by the NVD API. - */ - @JsonProperty("baseSeverity") - private String baseSeverity; - /** - * CVSS subscore. - */ - @JsonProperty("exploitabilityScore") - @JsonPropertyDescription("CVSS subscore.") - private Double exploitabilityScore; - /** - * CVSS subscore. - */ - @JsonProperty("impactScore") - @JsonPropertyDescription("CVSS subscore.") - private Double impactScore; - @JsonProperty("acInsufInfo") - private Boolean acInsufInfo; - @JsonProperty("obtainAllPrivilege") - private Boolean obtainAllPrivilege; - @JsonProperty("obtainUserPrivilege") - private Boolean obtainUserPrivilege; - @JsonProperty("obtainOtherPrivilege") - private Boolean obtainOtherPrivilege; - @JsonProperty("userInteractionRequired") - private Boolean userInteractionRequired; - - /** - * (Required) - * - * @return source - */ - @JsonProperty("source") - public String getSource() { - return source; - } - - /** - * (Required) - * - * @return type - */ - @JsonProperty("type") - public Type getType() { - return type; - } - - /** - * JSON Schema for Common Vulnerability Scoring System version 2.0 - *

- * (Required) - * - * @return cvssData - */ - @JsonProperty("cvssData") - public CvssV2Data getCvssData() { - return cvssData; - } - - /** - * @return baseSeverity - */ - @JsonProperty("baseSeverity") - public String getBaseSeverity() { - return baseSeverity; - } - - /** - * CVSS subscore. - * - * @return exploitabilityScore - */ - @JsonProperty("exploitabilityScore") - public Double getExploitabilityScore() { - return exploitabilityScore; - } - - /** - * CVSS subscore. - * - * @return impactScore - */ - @JsonProperty("impactScore") - public Double getImpactScore() { - return impactScore; - } - - /** - * @return acInsufInfo - */ - @JsonProperty("acInsufInfo") - public Boolean getAcInsufInfo() { - return acInsufInfo; - } - - /** - * @return obtainAllPrivilege - */ - @JsonProperty("obtainAllPrivilege") - public Boolean getObtainAllPrivilege() { - return obtainAllPrivilege; - } - - /** - * @return obtainUserPrivilege - */ - @JsonProperty("obtainUserPrivilege") - public Boolean getObtainUserPrivilege() { - return obtainUserPrivilege; - } - - /** - * @return obtainOtherPrivilege - */ - @JsonProperty("obtainOtherPrivilege") - public Boolean getObtainOtherPrivilege() { - return obtainOtherPrivilege; - } - - /** - * @return userInteractionRequired - */ - @JsonProperty("userInteractionRequired") - public Boolean getUserInteractionRequired() { - return userInteractionRequired; - } - - @Override - public String toString() { - if (cvssData.getVectorString() != null) { - return cvssData.getVectorString(); - } - return String.format("/AV:%s/AC:%s/Au:%s/C:%s/I:%s/A:%s", - cvssData.getAccessVector() == null ? "" : this.cvssData.getAccessVector().value().substring(0, 1), - cvssData.getAccessComplexity() == null ? "" : cvssData.getAccessComplexity().value().substring(0, 1), - cvssData.getAuthentication() == null ? "" : cvssData.getAuthentication().value().substring(0, 1), - cvssData.getConfidentialityImpact() == null ? "" - : cvssData.getConfidentialityImpact().value().substring(0, 1), - cvssData.getIntegrityImpact() == null ? "" : cvssData.getIntegrityImpact().value().substring(0, 1), - cvssData.getAvailabilityImpact() == null ? "" - : cvssData.getAvailabilityImpact().value().substring(0, 1)); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CvssV2 cvssV2 = (CvssV2) o; - return Objects.equals(source, cvssV2.source) && type == cvssV2.type && Objects.equals(cvssData, cvssV2.cvssData) - && Objects.equals(baseSeverity, cvssV2.baseSeverity) - && Objects.equals(exploitabilityScore, cvssV2.exploitabilityScore) - && Objects.equals(impactScore, cvssV2.impactScore) && Objects.equals(acInsufInfo, cvssV2.acInsufInfo) - && Objects.equals(obtainAllPrivilege, cvssV2.obtainAllPrivilege) - && Objects.equals(obtainUserPrivilege, cvssV2.obtainUserPrivilege) - && Objects.equals(obtainOtherPrivilege, cvssV2.obtainOtherPrivilege) - && Objects.equals(userInteractionRequired, cvssV2.userInteractionRequired); - } - - @Override - public int hashCode() { - return Objects.hash(source, type, cvssData, baseSeverity, exploitabilityScore, impactScore, acInsufInfo, - obtainAllPrivilege, obtainUserPrivilege, obtainOtherPrivilege, userInteractionRequired); - } - - public enum Type { - - PRIMARY("Primary"), SECONDARY("Secondary"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Type c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Type(String value) { - this.value = value; - } - - @JsonCreator - public static Type fromValue(String value) { - Type constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2Data.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2Data.java deleted file mode 100644 index 1cc023f3..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV2Data.java +++ /dev/null @@ -1,879 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; - -/** - * JSON Schema for Common Vulnerability Scoring System version 2.0 - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"version", "vectorString", "accessVector", "accessComplexity", "authentication", - "confidentialityImpact", "integrityImpact", "availabilityImpact", "baseScore", "exploitability", - "remediationLevel", "reportConfidence", "temporalScore", "collateralDamagePotential", "targetDistribution", - "confidentialityRequirement", "integrityRequirement", "availabilityRequirement", "environmentalScore"}) -public class CvssV2Data implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -3488320581980953116L; - - public CvssV2Data() { - } - - public CvssV2Data(String version, String vectorString, AccessVectorType accessVector, - AccessComplexityType accessComplexity, AuthenticationType authentication, CiaType confidentialityImpact, - CiaType integrityImpact, CiaType availabilityImpact, Double baseScore, String baseSeverity, - ExploitabilityType exploitability, RemediationLevelType remediationLevel, - ReportConfidenceType reportConfidence, Double temporalScore, - CollateralDamagePotentialType collateralDamagePotential, TargetDistributionType targetDistribution, - CiaRequirementType confidentialityRequirement, CiaRequirementType integrityRequirement, - CiaRequirementType availabilityRequirement, Double environmentalScore) { - this.version = Version.fromValue(version); - this.vectorString = vectorString; - this.accessVector = accessVector; - this.accessComplexity = accessComplexity; - this.authentication = authentication; - this.confidentialityImpact = confidentialityImpact; - this.integrityImpact = integrityImpact; - this.availabilityImpact = availabilityImpact; - this.baseScore = baseScore; - this.baseSeverity = baseSeverity; - this.exploitability = exploitability; - this.remediationLevel = remediationLevel; - this.reportConfidence = reportConfidence; - this.temporalScore = temporalScore; - this.collateralDamagePotential = collateralDamagePotential; - this.targetDistribution = targetDistribution; - this.confidentialityRequirement = confidentialityRequirement; - this.integrityRequirement = integrityRequirement; - this.availabilityRequirement = availabilityRequirement; - this.environmentalScore = environmentalScore; - } - - /** - * CVSS Version (Required) - */ - @JsonProperty("version") - @JsonPropertyDescription("CVSS Version") - private Version version; - /** - * (Required) - */ - @JsonProperty("vectorString") - private String vectorString; - @JsonProperty("accessVector") - private AccessVectorType accessVector; - @JsonProperty("accessComplexity") - private AccessComplexityType accessComplexity; - @JsonProperty("authentication") - private AuthenticationType authentication; - @JsonProperty("confidentialityImpact") - private CiaType confidentialityImpact; - @JsonProperty("integrityImpact") - private CiaType integrityImpact; - @JsonProperty("availabilityImpact") - private CiaType availabilityImpact; - /** - * (Required) - */ - @JsonProperty("baseScore") - private Double baseScore; - @JsonProperty("baseSeverity") - private String baseSeverity; - @JsonProperty("exploitability") - private ExploitabilityType exploitability; - @JsonProperty("remediationLevel") - private RemediationLevelType remediationLevel; - @JsonProperty("reportConfidence") - private ReportConfidenceType reportConfidence; - @JsonProperty("temporalScore") - private Double temporalScore; - @JsonProperty("collateralDamagePotential") - private CollateralDamagePotentialType collateralDamagePotential; - @JsonProperty("targetDistribution") - private TargetDistributionType targetDistribution; - @JsonProperty("confidentialityRequirement") - private CiaRequirementType confidentialityRequirement; - @JsonProperty("integrityRequirement") - private CiaRequirementType integrityRequirement; - @JsonProperty("availabilityRequirement") - private CiaRequirementType availabilityRequirement; - @JsonProperty("environmentalScore") - private Double environmentalScore; - - /** - * CVSS Version (Required) - * - * @return version - */ - @JsonProperty("version") - public Version getVersion() { - return version; - } - - /** - * (Required) - * - * @return vectorString - */ - @JsonProperty("vectorString") - public String getVectorString() { - return vectorString; - } - - /** - * @return accessVector - */ - @JsonProperty("accessVector") - public AccessVectorType getAccessVector() { - return accessVector; - } - - /** - * @return accessComplexity - */ - @JsonProperty("accessComplexity") - public AccessComplexityType getAccessComplexity() { - return accessComplexity; - } - - /** - * @return authentication - */ - @JsonProperty("authentication") - public AuthenticationType getAuthentication() { - return authentication; - } - - /** - * @return confidentialityImpact - */ - @JsonProperty("confidentialityImpact") - public CiaType getConfidentialityImpact() { - return confidentialityImpact; - } - - /** - * @return integrityImpact - */ - @JsonProperty("integrityImpact") - public CiaType getIntegrityImpact() { - return integrityImpact; - } - - /** - * @return availabilityImpact - */ - @JsonProperty("availabilityImpact") - public CiaType getAvailabilityImpact() { - return availabilityImpact; - } - - /** - * (Required) - * - * @return baseScore - */ - @JsonProperty("baseScore") - public Double getBaseScore() { - return baseScore; - } - - /** - * @return baseSeverity - */ - @JsonProperty("baseSeverity") - public String getBaseSeverity() { - return baseSeverity; - } - - /** - * @return exploitability - */ - @JsonProperty("exploitability") - public ExploitabilityType getExploitability() { - return exploitability; - } - - /** - * @return remediationLevel - */ - @JsonProperty("remediationLevel") - public RemediationLevelType getRemediationLevel() { - return remediationLevel; - } - - /** - * @return reportConfidence - */ - @JsonProperty("reportConfidence") - public ReportConfidenceType getReportConfidence() { - return reportConfidence; - } - - /** - * @return temporalScore - */ - @JsonProperty("temporalScore") - public Double getTemporalScore() { - return temporalScore; - } - - /** - * @return collateralDamagePotential - */ - @JsonProperty("collateralDamagePotential") - public CollateralDamagePotentialType getCollateralDamagePotential() { - return collateralDamagePotential; - } - - /** - * @return targetDistribution - */ - @JsonProperty("targetDistribution") - public TargetDistributionType getTargetDistribution() { - return targetDistribution; - } - - /** - * @return confidentialityRequirement - */ - @JsonProperty("confidentialityRequirement") - public CiaRequirementType getConfidentialityRequirement() { - return confidentialityRequirement; - } - - /** - * @return integrityRequirement - */ - @JsonProperty("integrityRequirement") - public CiaRequirementType getIntegrityRequirement() { - return integrityRequirement; - } - - /** - * @return availabilityRequirement - */ - @JsonProperty("availabilityRequirement") - public CiaRequirementType getAvailabilityRequirement() { - return availabilityRequirement; - } - - /** - * @return environmentalScore - */ - @JsonProperty("environmentalScore") - public Double getEnvironmentalScore() { - return environmentalScore; - } - - @Override - public String toString() { - return "CvssV2Data{" + "version=" + version + ", vectorString='" + vectorString + '\'' + ", accessVector=" - + accessVector + ", accessComplexity=" + accessComplexity + ", authentication=" + authentication - + ", confidentialityImpact=" + confidentialityImpact + ", integrityImpact=" + integrityImpact - + ", availabilityImpact=" + availabilityImpact + ", baseScore=" + baseScore + ", exploitability=" - + exploitability + ", remediationLevel=" + remediationLevel + ", reportConfidence=" + reportConfidence - + ", temporalScore=" + temporalScore + ", collateralDamagePotential=" + collateralDamagePotential - + ", targetDistribution=" + targetDistribution + ", confidentialityRequirement=" - + confidentialityRequirement + ", integrityRequirement=" + integrityRequirement - + ", availabilityRequirement=" + availabilityRequirement + ", environmentalScore=" + environmentalScore - + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CvssV2Data cvssV2Data = (CvssV2Data) o; - return version == cvssV2Data.version && Objects.equals(vectorString, cvssV2Data.vectorString) - && accessVector == cvssV2Data.accessVector && accessComplexity == cvssV2Data.accessComplexity - && authentication == cvssV2Data.authentication - && confidentialityImpact == cvssV2Data.confidentialityImpact - && integrityImpact == cvssV2Data.integrityImpact && availabilityImpact == cvssV2Data.availabilityImpact - && Objects.equals(baseScore, cvssV2Data.baseScore) && exploitability == cvssV2Data.exploitability - && remediationLevel == cvssV2Data.remediationLevel && reportConfidence == cvssV2Data.reportConfidence - && Objects.equals(temporalScore, cvssV2Data.temporalScore) - && collateralDamagePotential == cvssV2Data.collateralDamagePotential - && targetDistribution == cvssV2Data.targetDistribution - && confidentialityRequirement == cvssV2Data.confidentialityRequirement - && integrityRequirement == cvssV2Data.integrityRequirement - && availabilityRequirement == cvssV2Data.availabilityRequirement - && Objects.equals(environmentalScore, cvssV2Data.environmentalScore); - } - - @Override - public int hashCode() { - return Objects.hash(version, vectorString, accessVector, accessComplexity, authentication, - confidentialityImpact, integrityImpact, availabilityImpact, baseScore, exploitability, remediationLevel, - reportConfidence, temporalScore, collateralDamagePotential, targetDistribution, - confidentialityRequirement, integrityRequirement, availabilityRequirement, environmentalScore); - } - - public enum AccessComplexityType { - - HIGH("HIGH"), MEDIUM("MEDIUM"), LOW("LOW"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AccessComplexityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AccessComplexityType(String value) { - this.value = value; - } - - @JsonCreator - public static AccessComplexityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CvssV2Data.AccessComplexityType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - AccessComplexityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum AccessVectorType { - - NETWORK("NETWORK"), ADJACENT_NETWORK("ADJACENT_NETWORK"), LOCAL("LOCAL"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AccessVectorType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AccessVectorType(String value) { - this.value = value; - } - - @JsonCreator - public static AccessVectorType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CvssV2Data.AccessVectorType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - AccessVectorType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum AuthenticationType { - - MULTIPLE("MULTIPLE"), SINGLE("SINGLE"), NONE("NONE"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AuthenticationType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AuthenticationType(String value) { - this.value = value; - } - - @JsonCreator - public static AuthenticationType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CvssV2Data.AuthenticationType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - AuthenticationType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum CiaRequirementType { - - LOW("LOW"), MEDIUM("MEDIUM"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (CiaRequirementType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - CiaRequirementType(String value) { - this.value = value; - } - - @JsonCreator - public static CiaRequirementType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (CvssV2Data.CiaRequirementType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - CiaRequirementType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum CiaType { - - NONE("NONE"), PARTIAL("PARTIAL"), COMPLETE("COMPLETE"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (CiaType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - CiaType(String value) { - this.value = value; - } - - @JsonCreator - public static CiaType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CvssV2Data.CiaType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - CiaType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum CollateralDamagePotentialType { - - NONE("NONE"), LOW("LOW"), LOW_MEDIUM("LOW_MEDIUM"), MEDIUM_HIGH("MEDIUM_HIGH"), HIGH("HIGH"), NOT_DEFINED( - "NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (CollateralDamagePotentialType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - CollateralDamagePotentialType(String value) { - this.value = value; - } - - @JsonCreator - public static CollateralDamagePotentialType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CvssV2Data.CollateralDamagePotentialType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - CollateralDamagePotentialType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ExploitabilityType { - - UNPROVEN("UNPROVEN"), PROOF_OF_CONCEPT("PROOF_OF_CONCEPT"), FUNCTIONAL("FUNCTIONAL"), HIGH("HIGH"), NOT_DEFINED( - "NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ExploitabilityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ExploitabilityType(String value) { - this.value = value; - } - - @JsonCreator - public static ExploitabilityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CvssV2Data.ExploitabilityType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ExploitabilityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum RemediationLevelType { - - OFFICIAL_FIX("OFFICIAL_FIX"), TEMPORARY_FIX("TEMPORARY_FIX"), WORKAROUND("WORKAROUND"), UNAVAILABLE( - "UNAVAILABLE"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (RemediationLevelType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - RemediationLevelType(String value) { - this.value = value; - } - - @JsonCreator - public static RemediationLevelType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (CvssV2Data.RemediationLevelType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - RemediationLevelType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ReportConfidenceType { - - UNCONFIRMED("UNCONFIRMED"), UNCORROBORATED("UNCORROBORATED"), CONFIRMED("CONFIRMED"), NOT_DEFINED( - "NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ReportConfidenceType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ReportConfidenceType(String value) { - this.value = value; - } - - @JsonCreator - public static ReportConfidenceType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CvssV2Data.ReportConfidenceType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ReportConfidenceType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum TargetDistributionType { - - NONE("NONE"), LOW("LOW"), MEDIUM("MEDIUM"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (TargetDistributionType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - TargetDistributionType(String value) { - this.value = value; - } - - @JsonCreator - public static TargetDistributionType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (CvssV2Data.TargetDistributionType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - TargetDistributionType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - /** - * CVSS Version - */ - public enum Version { - - _2_0("2.0"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Version c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Version(String value) { - this.value = value; - } - - @JsonCreator - public static Version fromValue(String value) { - Version constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3.java deleted file mode 100644 index 11d6840e..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3.java +++ /dev/null @@ -1,271 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"source", "type", "cvssData", "exploitabilityScore", "impactScore"}) -public class CvssV3 implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 3239377501678853019L; - - public CvssV3() { - } - - public CvssV3(String source, Type type, CvssV3Data cvssData, Double exploitabilityScore, Double impactScore) { - this.source = source; - this.type = type; - this.cvssData = cvssData; - this.exploitabilityScore = exploitabilityScore; - this.impactScore = impactScore; - } - - /** - * (Required) - */ - @JsonProperty("source") - private String source; - /** - * (Required) - */ - @JsonProperty("type") - private Type type; - /** - * JSON Schema for Common Vulnerability Scoring System version 3.0 - *

- * (Required) - */ - @JsonProperty("cvssData") - private CvssV3Data cvssData; - /** - * CVSS subscore. - */ - @JsonProperty("exploitabilityScore") - @JsonPropertyDescription("CVSS subscore.") - private Double exploitabilityScore; - /** - * CVSS subscore. - */ - @JsonProperty("impactScore") - @JsonPropertyDescription("CVSS subscore.") - private Double impactScore; - - /** - * (Required) - * - * @return source - */ - @JsonProperty("source") - public String getSource() { - return source; - } - - /** - * (Required) - * - * @return type - */ - @JsonProperty("type") - public Type getType() { - return type; - } - - /** - * JSON Schema for Common Vulnerability Scoring System version 3.0 - *

- * (Required) - * - * @return cvssData - */ - @JsonProperty("cvssData") - public CvssV3Data getCvssData() { - return cvssData; - } - - /** - * CVSS subscore. - * - * @return exploitabilityScore - */ - @JsonProperty("exploitabilityScore") - public Double getExploitabilityScore() { - return exploitabilityScore; - } - - /** - * CVSS subscore. - * - * @return impactScore - */ - @JsonProperty("impactScore") - public Double getImpactScore() { - return impactScore; - } - - @Override - public String toString() { - StringBuilder sb = new StringBuilder("CVSS:"); - sb.append(cvssData.getVersion() == null ? "" : cvssData.getVersion()).append("/AV:") - .append(cvssData.getAttackVector() == null ? "" : cvssData.getAttackVector().value().substring(0, 1)) - .append("/AC:") - .append(cvssData.getAttackComplexity() == null ? "" - : cvssData.getAttackComplexity().value().substring(0, 1)) - .append("/PR:") - .append(cvssData.getPrivilegesRequired() == null ? "" - : cvssData.getPrivilegesRequired().value().substring(0, 1)) - .append("/UI:") - .append(cvssData.getUserInteraction() == null ? "" - : cvssData.getUserInteraction().value().substring(0, 1)) - .append("/S:").append(cvssData.getScope() == null ? "" : cvssData.getScope().value().substring(0, 1)) - .append("/C:") - .append(cvssData.getConfidentialityImpact() == null ? "" - : cvssData.getConfidentialityImpact().value().substring(0, 1)) - .append("/I:") - .append(cvssData.getIntegrityImpact() == null ? "" - : cvssData.getIntegrityImpact().value().substring(0, 1)) - .append("/A:").append(cvssData.getAvailabilityImpact() == null ? "" - : cvssData.getAvailabilityImpact().value().substring(0, 1)); - if (exploitabilityScore != null) { - sb.append("/E:").append(exploitabilityScore); - } - if (cvssData.getRemediationLevel() != null - && cvssData.getRemediationLevel() != CvssV3Data.RemediationLevelType.NOT_DEFINED) { - sb.append("/RL:").append(cvssData.getRemediationLevel().value().charAt(0)); - } - if (cvssData.getReportConfidence() != null - && cvssData.getReportConfidence() != CvssV3Data.ConfidenceType.NOT_DEFINED) { - sb.append("/RC:").append(cvssData.getReportConfidence().value().charAt(0)); - } - if (cvssData.getConfidentialityRequirement() != null - && cvssData.getConfidentialityRequirement() != CvssV3Data.CiaRequirementType.NOT_DEFINED) { - sb.append("/CR:").append(cvssData.getConfidentialityRequirement().value().charAt(0)); - } - if (cvssData.getIntegrityRequirement() != null - && cvssData.getIntegrityRequirement() != CvssV3Data.CiaRequirementType.NOT_DEFINED) { - sb.append("/IR:").append(cvssData.getIntegrityRequirement().value().charAt(0)); - } - if (cvssData.getAvailabilityRequirement() != null - && cvssData.getAvailabilityRequirement() != CvssV3Data.CiaRequirementType.NOT_DEFINED) { - sb.append("/AR:").append(cvssData.getAvailabilityRequirement().value().charAt(0)); - } - if (cvssData.getModifiedAttackVector() != null - && cvssData.getModifiedAttackVector() != CvssV3Data.ModifiedAttackVectorType.NOT_DEFINED) { - sb.append("/MAV:").append(cvssData.getModifiedAttackVector().value().charAt(0)); - } - if (cvssData.getModifiedAttackComplexity() != null - && cvssData.getModifiedAttackComplexity() != CvssV3Data.ModifiedAttackComplexityType.NOT_DEFINED) { - sb.append("/MAC:").append(cvssData.getModifiedAttackComplexity().value().charAt(0)); - } - if (cvssData.getModifiedPrivilegesRequired() != null - && cvssData.getModifiedPrivilegesRequired() != CvssV3Data.ModifiedPrivilegesRequiredType.NOT_DEFINED) { - sb.append("/MPR:").append(cvssData.getModifiedPrivilegesRequired().value().charAt(0)); - } - if (cvssData.getModifiedUserInteraction() != null - && cvssData.getModifiedUserInteraction() != CvssV3Data.ModifiedUserInteractionType.NOT_DEFINED) { - sb.append("/MUI:").append(cvssData.getModifiedUserInteraction().value().charAt(0)); - } - if (cvssData.getModifiedScope() != null - && cvssData.getModifiedScope() != CvssV3Data.ModifiedScopeType.NOT_DEFINED) { - sb.append("/MS:").append(cvssData.getModifiedScope().value().charAt(0)); - } - if (cvssData.getModifiedConfidentialityImpact() != null - && cvssData.getModifiedConfidentialityImpact() != CvssV3Data.ModifiedCiaType.NOT_DEFINED) { - sb.append("/MC:").append(cvssData.getModifiedConfidentialityImpact().value().charAt(0)); - } - if (cvssData.getModifiedIntegrityImpact() != null - && cvssData.getModifiedIntegrityImpact() != CvssV3Data.ModifiedCiaType.NOT_DEFINED) { - sb.append("/MI:").append(cvssData.getModifiedIntegrityImpact().value().charAt(0)); - } - if (cvssData.getModifiedAvailabilityImpact() != null - && cvssData.getModifiedAvailabilityImpact() != CvssV3Data.ModifiedCiaType.NOT_DEFINED) { - sb.append("/MA:").append(cvssData.getModifiedAvailabilityImpact().value().charAt(0)); - } - return sb.toString(); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CvssV3 cvssV3 = (CvssV3) o; - return Objects.equals(source, cvssV3.source) && type == cvssV3.type && Objects.equals(cvssData, cvssV3.cvssData) - && Objects.equals(exploitabilityScore, cvssV3.exploitabilityScore) - && Objects.equals(impactScore, cvssV3.impactScore); - } - - @Override - public int hashCode() { - return Objects.hash(source, type, cvssData, exploitabilityScore, impactScore); - } - - public enum Type { - - PRIMARY("Primary"), SECONDARY("Secondary"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Type c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Type(String value) { - this.value = value; - } - - @JsonCreator - public static Type fromValue(String value) { - Type constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3Data.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3Data.java deleted file mode 100644 index 93626c4a..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV3Data.java +++ /dev/null @@ -1,1367 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; - -/** - * JSON Schema for Common Vulnerability Scoring System version 3.0 - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"version", "vectorString", "attackVector", "attackComplexity", "privilegesRequired", - "userInteraction", "scope", "confidentialityImpact", "integrityImpact", "availabilityImpact", "baseScore", - "baseSeverity", "exploitCodeMaturity", "remediationLevel", "reportConfidence", "temporalScore", - "temporalSeverity", "confidentialityRequirement", "integrityRequirement", "availabilityRequirement", - "modifiedAttackVector", "modifiedAttackComplexity", "modifiedPrivilegesRequired", "modifiedUserInteraction", - "modifiedScope", "modifiedConfidentialityImpact", "modifiedIntegrityImpact", "modifiedAvailabilityImpact", - "environmentalScore", "environmentalSeverity"}) -public class CvssV3Data implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 8537782209754450697L; - - public CvssV3Data() { - } - - public CvssV3Data(Version version, String vectorString, AttackVectorType attackVector, - AttackComplexityType attackComplexity, PrivilegesRequiredType privilegesRequired, - UserInteractionType userInteraction, ScopeType scope, CiaType confidentialityImpact, - CiaType integrityImpact, CiaType availabilityImpact, Double baseScore, SeverityType baseSeverity, - ExploitCodeMaturityType exploitCodeMaturity, RemediationLevelType remediationLevel, - ConfidenceType reportConfidence, Double temporalScore, SeverityType temporalSeverity, - CiaRequirementType confidentialityRequirement, CiaRequirementType integrityRequirement, - CiaRequirementType availabilityRequirement, ModifiedAttackVectorType modifiedAttackVector, - ModifiedAttackComplexityType modifiedAttackComplexity, - ModifiedPrivilegesRequiredType modifiedPrivilegesRequired, - ModifiedUserInteractionType modifiedUserInteraction, ModifiedScopeType modifiedScope, - ModifiedCiaType modifiedConfidentialityImpact, ModifiedCiaType modifiedIntegrityImpact, - ModifiedCiaType modifiedAvailabilityImpact, Double environmentalScore, SeverityType environmentalSeverity) { - this.version = version; - this.vectorString = vectorString; - this.attackVector = attackVector; - this.attackComplexity = attackComplexity; - this.privilegesRequired = privilegesRequired; - this.userInteraction = userInteraction; - this.scope = scope; - this.confidentialityImpact = confidentialityImpact; - this.integrityImpact = integrityImpact; - this.availabilityImpact = availabilityImpact; - this.baseScore = baseScore; - this.baseSeverity = baseSeverity; - this.exploitCodeMaturity = exploitCodeMaturity; - this.remediationLevel = remediationLevel; - this.reportConfidence = reportConfidence; - this.temporalScore = temporalScore; - this.temporalSeverity = temporalSeverity; - this.confidentialityRequirement = confidentialityRequirement; - this.integrityRequirement = integrityRequirement; - this.availabilityRequirement = availabilityRequirement; - this.modifiedAttackVector = modifiedAttackVector; - this.modifiedAttackComplexity = modifiedAttackComplexity; - this.modifiedPrivilegesRequired = modifiedPrivilegesRequired; - this.modifiedUserInteraction = modifiedUserInteraction; - this.modifiedScope = modifiedScope; - this.modifiedConfidentialityImpact = modifiedConfidentialityImpact; - this.modifiedIntegrityImpact = modifiedIntegrityImpact; - this.modifiedAvailabilityImpact = modifiedAvailabilityImpact; - this.environmentalScore = environmentalScore; - this.environmentalSeverity = environmentalSeverity; - } - - /** - * CVSS Version (Required) - */ - @JsonProperty("version") - @JsonPropertyDescription("CVSS Version") - private Version version; - /** - * (Required) - */ - @JsonProperty("vectorString") - private String vectorString; - @JsonProperty("attackVector") - private AttackVectorType attackVector; - @JsonProperty("attackComplexity") - private AttackComplexityType attackComplexity; - @JsonProperty("privilegesRequired") - private PrivilegesRequiredType privilegesRequired; - @JsonProperty("userInteraction") - private UserInteractionType userInteraction; - @JsonProperty("scope") - private ScopeType scope; - @JsonProperty("confidentialityImpact") - private CiaType confidentialityImpact; - @JsonProperty("integrityImpact") - private CiaType integrityImpact; - @JsonProperty("availabilityImpact") - private CiaType availabilityImpact; - /** - * (Required) - */ - @JsonProperty("baseScore") - private Double baseScore; - /** - * (Required) - */ - @JsonProperty("baseSeverity") - private SeverityType baseSeverity; - @JsonProperty("exploitCodeMaturity") - private ExploitCodeMaturityType exploitCodeMaturity; - @JsonProperty("remediationLevel") - private RemediationLevelType remediationLevel; - @JsonProperty("reportConfidence") - private ConfidenceType reportConfidence; - @JsonProperty("temporalScore") - private Double temporalScore; - @JsonProperty("temporalSeverity") - private SeverityType temporalSeverity; - @JsonProperty("confidentialityRequirement") - private CiaRequirementType confidentialityRequirement; - @JsonProperty("integrityRequirement") - private CiaRequirementType integrityRequirement; - @JsonProperty("availabilityRequirement") - private CiaRequirementType availabilityRequirement; - @JsonProperty("modifiedAttackVector") - private ModifiedAttackVectorType modifiedAttackVector; - @JsonProperty("modifiedAttackComplexity") - private ModifiedAttackComplexityType modifiedAttackComplexity; - @JsonProperty("modifiedPrivilegesRequired") - private ModifiedPrivilegesRequiredType modifiedPrivilegesRequired; - @JsonProperty("modifiedUserInteraction") - private ModifiedUserInteractionType modifiedUserInteraction; - @JsonProperty("modifiedScope") - private ModifiedScopeType modifiedScope; - @JsonProperty("modifiedConfidentialityImpact") - private ModifiedCiaType modifiedConfidentialityImpact; - @JsonProperty("modifiedIntegrityImpact") - private ModifiedCiaType modifiedIntegrityImpact; - @JsonProperty("modifiedAvailabilityImpact") - private ModifiedCiaType modifiedAvailabilityImpact; - @JsonProperty("environmentalScore") - private Double environmentalScore; - @JsonProperty("environmentalSeverity") - private SeverityType environmentalSeverity; - - /** - * CVSS Version (Required) - * - * @return version - */ - @JsonProperty("version") - public Version getVersion() { - return version; - } - - /** - * (Required) - * - * @return vectorString - */ - @JsonProperty("vectorString") - public String getVectorString() { - return vectorString; - } - - /** - * @return attackVector - */ - @JsonProperty("attackVector") - public AttackVectorType getAttackVector() { - return attackVector; - } - - /** - * @return attackComplexity - */ - @JsonProperty("attackComplexity") - public AttackComplexityType getAttackComplexity() { - return attackComplexity; - } - - /** - * @return privilegesRequired - */ - @JsonProperty("privilegesRequired") - public PrivilegesRequiredType getPrivilegesRequired() { - return privilegesRequired; - } - - /** - * @return userInteraction - */ - @JsonProperty("userInteraction") - public UserInteractionType getUserInteraction() { - return userInteraction; - } - - /** - * @return scope - */ - @JsonProperty("scope") - public ScopeType getScope() { - return scope; - } - - /** - * @return confidentialityImpact - */ - @JsonProperty("confidentialityImpact") - public CiaType getConfidentialityImpact() { - return confidentialityImpact; - } - - /** - * @return integrityImpact - */ - @JsonProperty("integrityImpact") - public CiaType getIntegrityImpact() { - return integrityImpact; - } - - /** - * @return availabilityImpact - */ - @JsonProperty("availabilityImpact") - public CiaType getAvailabilityImpact() { - return availabilityImpact; - } - - /** - * (Required) - * - * @return baseScore - */ - @JsonProperty("baseScore") - public Double getBaseScore() { - return baseScore; - } - - /** - * (Required) - * - * @return baseSeverity - */ - @JsonProperty("baseSeverity") - public SeverityType getBaseSeverity() { - return baseSeverity; - } - - /** - * @return exploitCodeMaturity - */ - @JsonProperty("exploitCodeMaturity") - public ExploitCodeMaturityType getExploitCodeMaturity() { - return exploitCodeMaturity; - } - - /** - * @return remediationLevel - */ - @JsonProperty("remediationLevel") - public RemediationLevelType getRemediationLevel() { - return remediationLevel; - } - - /** - * @return reportConfidence - */ - @JsonProperty("reportConfidence") - public ConfidenceType getReportConfidence() { - return reportConfidence; - } - - /** - * @return temporalScore - */ - @JsonProperty("temporalScore") - public Double getTemporalScore() { - return temporalScore; - } - - /** - * @return temporalSeverity - */ - @JsonProperty("temporalSeverity") - public SeverityType getTemporalSeverity() { - return temporalSeverity; - } - - /** - * @return confidentialityRequirement - */ - @JsonProperty("confidentialityRequirement") - public CiaRequirementType getConfidentialityRequirement() { - return confidentialityRequirement; - } - - /** - * @return integrityRequirement - */ - @JsonProperty("integrityRequirement") - public CiaRequirementType getIntegrityRequirement() { - return integrityRequirement; - } - - /** - * @return availabilityRequirement - */ - @JsonProperty("availabilityRequirement") - public CiaRequirementType getAvailabilityRequirement() { - return availabilityRequirement; - } - - /** - * @return modifiedAttackVector - */ - @JsonProperty("modifiedAttackVector") - public ModifiedAttackVectorType getModifiedAttackVector() { - return modifiedAttackVector; - } - - /** - * @return modifiedAttackComplexity - */ - @JsonProperty("modifiedAttackComplexity") - public ModifiedAttackComplexityType getModifiedAttackComplexity() { - return modifiedAttackComplexity; - } - - /** - * @return modifiedPrivilegesRequired - */ - @JsonProperty("modifiedPrivilegesRequired") - public ModifiedPrivilegesRequiredType getModifiedPrivilegesRequired() { - return modifiedPrivilegesRequired; - } - - /** - * @return modifiedUserInteraction - */ - @JsonProperty("modifiedUserInteraction") - public ModifiedUserInteractionType getModifiedUserInteraction() { - return modifiedUserInteraction; - } - - /** - * @return modifiedScope - */ - @JsonProperty("modifiedScope") - public ModifiedScopeType getModifiedScope() { - return modifiedScope; - } - - /** - * @return modifiedConfidentialityImpact - */ - @JsonProperty("modifiedConfidentialityImpact") - public ModifiedCiaType getModifiedConfidentialityImpact() { - return modifiedConfidentialityImpact; - } - - /** - * @return modifiedIntegrityImpact - */ - @JsonProperty("modifiedIntegrityImpact") - public ModifiedCiaType getModifiedIntegrityImpact() { - return modifiedIntegrityImpact; - } - - /** - * @return modifiedAvailabilityImpact - */ - @JsonProperty("modifiedAvailabilityImpact") - public ModifiedCiaType getModifiedAvailabilityImpact() { - return modifiedAvailabilityImpact; - } - - /** - * @return environmentalScore - */ - @JsonProperty("environmentalScore") - public Double getEnvironmentalScore() { - return environmentalScore; - } - - /** - * @return environmentalSeverity - */ - @JsonProperty("environmentalSeverity") - public SeverityType getEnvironmentalSeverity() { - return environmentalSeverity; - } - - @Override - public String toString() { - return String.format("CVSS:%s/AV:%s/AC:%s/PR:%s/UI:%s/S:%s/C:%s/I:%s/A:%s", version == null ? "" : version, - attackVector == null ? "" : attackVector.value().substring(0, 1), - attackComplexity == null ? "" : attackComplexity.value().substring(0, 1), - privilegesRequired == null ? "" : privilegesRequired.value().substring(0, 1), - userInteraction == null ? "" : userInteraction.value().substring(0, 1), - scope == null ? "" : scope.value().substring(0, 1), - confidentialityImpact == null ? "" : confidentialityImpact.value().substring(0, 1), - integrityImpact == null ? "" : integrityImpact.value().substring(0, 1), - availabilityImpact == null ? "" : availabilityImpact.value().substring(0, 1)); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CvssV3Data that = (CvssV3Data) o; - return version == that.version && Objects.equals(vectorString, that.vectorString) - && attackVector == that.attackVector && attackComplexity == that.attackComplexity - && privilegesRequired == that.privilegesRequired && userInteraction == that.userInteraction - && scope == that.scope && confidentialityImpact == that.confidentialityImpact - && integrityImpact == that.integrityImpact && availabilityImpact == that.availabilityImpact - && Objects.equals(baseScore, that.baseScore) && baseSeverity == that.baseSeverity - && exploitCodeMaturity == that.exploitCodeMaturity && remediationLevel == that.remediationLevel - && reportConfidence == that.reportConfidence && Objects.equals(temporalScore, that.temporalScore) - && temporalSeverity == that.temporalSeverity - && confidentialityRequirement == that.confidentialityRequirement - && integrityRequirement == that.integrityRequirement - && availabilityRequirement == that.availabilityRequirement - && modifiedAttackVector == that.modifiedAttackVector - && modifiedAttackComplexity == that.modifiedAttackComplexity - && modifiedPrivilegesRequired == that.modifiedPrivilegesRequired - && modifiedUserInteraction == that.modifiedUserInteraction && modifiedScope == that.modifiedScope - && modifiedConfidentialityImpact == that.modifiedConfidentialityImpact - && modifiedIntegrityImpact == that.modifiedIntegrityImpact - && modifiedAvailabilityImpact == that.modifiedAvailabilityImpact - && Objects.equals(environmentalScore, that.environmentalScore) - && environmentalSeverity == that.environmentalSeverity; - } - - @Override - public int hashCode() { - return Objects.hash(version, vectorString, attackVector, attackComplexity, privilegesRequired, userInteraction, - scope, confidentialityImpact, integrityImpact, availabilityImpact, baseScore, baseSeverity, - exploitCodeMaturity, remediationLevel, reportConfidence, temporalScore, temporalSeverity, - confidentialityRequirement, integrityRequirement, availabilityRequirement, modifiedAttackVector, - modifiedAttackComplexity, modifiedPrivilegesRequired, modifiedUserInteraction, modifiedScope, - modifiedConfidentialityImpact, modifiedIntegrityImpact, modifiedAvailabilityImpact, environmentalScore, - environmentalSeverity); - } - - public enum AttackComplexityType { - - HIGH("HIGH"), LOW("LOW"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AttackComplexityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AttackComplexityType(String value) { - this.value = value; - } - - @JsonCreator - public static AttackComplexityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (AttackComplexityType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - AttackComplexityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum AttackVectorType { - - NETWORK("NETWORK"), ADJACENT_NETWORK("ADJACENT_NETWORK"), LOCAL("LOCAL"), PHYSICAL("PHYSICAL"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AttackVectorType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AttackVectorType(String value) { - this.value = value; - } - - @JsonCreator - public static AttackVectorType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (AttackVectorType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - AttackVectorType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum CiaRequirementType { - - LOW("LOW"), MEDIUM("MEDIUM"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (CiaRequirementType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - CiaRequirementType(String value) { - this.value = value; - } - - @JsonCreator - public static CiaRequirementType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (CiaRequirementType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - CiaRequirementType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum CiaType { - - NONE("NONE"), LOW("LOW"), HIGH("HIGH"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (CiaType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - CiaType(String value) { - this.value = value; - } - - @JsonCreator - public static CiaType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CiaType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - CiaType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ConfidenceType { - - UNKNOWN("UNKNOWN"), REASONABLE("REASONABLE"), CONFIRMED("CONFIRMED"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ConfidenceType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ConfidenceType(String value) { - this.value = value; - } - - @JsonCreator - public static ConfidenceType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ConfidenceType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ConfidenceType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ExploitCodeMaturityType { - - UNPROVEN("UNPROVEN"), PROOF_OF_CONCEPT("PROOF_OF_CONCEPT"), FUNCTIONAL("FUNCTIONAL"), HIGH("HIGH"), NOT_DEFINED( - "NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ExploitCodeMaturityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ExploitCodeMaturityType(String value) { - this.value = value; - } - - @JsonCreator - public static ExploitCodeMaturityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ExploitCodeMaturityType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ExploitCodeMaturityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedAttackComplexityType { - - HIGH("HIGH"), LOW("LOW"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedAttackComplexityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedAttackComplexityType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedAttackComplexityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedAttackComplexityType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ModifiedAttackComplexityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedAttackVectorType { - - NETWORK("NETWORK"), ADJACENT_NETWORK("ADJACENT_NETWORK"), LOCAL("LOCAL"), PHYSICAL("PHYSICAL"), NOT_DEFINED( - "NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedAttackVectorType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedAttackVectorType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedAttackVectorType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedAttackVectorType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ModifiedAttackVectorType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedCiaType { - - NONE("NONE"), LOW("LOW"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedCiaType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedCiaType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedCiaType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedCiaType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ModifiedCiaType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedPrivilegesRequiredType { - - HIGH("HIGH"), LOW("LOW"), NONE("NONE"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedPrivilegesRequiredType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedPrivilegesRequiredType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedPrivilegesRequiredType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedPrivilegesRequiredType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ModifiedPrivilegesRequiredType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedScopeType { - - UNCHANGED("UNCHANGED"), CHANGED("CHANGED"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedScopeType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedScopeType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedScopeType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedScopeType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ModifiedScopeType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedUserInteractionType { - - NONE("NONE"), REQUIRED("REQUIRED"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedUserInteractionType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedUserInteractionType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedUserInteractionType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedUserInteractionType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ModifiedUserInteractionType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum PrivilegesRequiredType { - - HIGH("HIGH"), LOW("LOW"), NONE("NONE"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (PrivilegesRequiredType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - PrivilegesRequiredType(String value) { - this.value = value; - } - - @JsonCreator - public static PrivilegesRequiredType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (PrivilegesRequiredType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - PrivilegesRequiredType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum RemediationLevelType { - - OFFICIAL_FIX("OFFICIAL_FIX"), TEMPORARY_FIX("TEMPORARY_FIX"), WORKAROUND("WORKAROUND"), UNAVAILABLE( - "UNAVAILABLE"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (RemediationLevelType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - RemediationLevelType(String value) { - this.value = value; - } - - @JsonCreator - public static RemediationLevelType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (RemediationLevelType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - RemediationLevelType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ScopeType { - - UNCHANGED("UNCHANGED"), CHANGED("CHANGED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ScopeType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ScopeType(String value) { - this.value = value; - } - - @JsonCreator - public static ScopeType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (ScopeType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - ScopeType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum SeverityType { - - NONE("NONE"), LOW("LOW"), MEDIUM("MEDIUM"), HIGH("HIGH"), CRITICAL("CRITICAL"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (SeverityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - SeverityType(String value) { - this.value = value; - } - - @JsonCreator - public static SeverityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (SeverityType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - SeverityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum UserInteractionType { - - NONE("NONE"), REQUIRED("REQUIRED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (UserInteractionType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - UserInteractionType(String value) { - this.value = value; - } - - @JsonCreator - public static UserInteractionType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (UserInteractionType t : values()) { - if (t.value.startsWith(value)) { - return t; - } - } - } - UserInteractionType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - /** - * CVSS Version - */ - public enum Version { - - _3_0("3.0"), _3_1("3.1"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Version c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Version(String value) { - this.value = value; - } - - @JsonCreator - public static Version fromValue(String value) { - Version constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4.java deleted file mode 100644 index 923f5f04..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4.java +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"source", "type", "cvssData"}) -public class CvssV4 implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 4239377501678853019L; - - public CvssV4() { - } - - public CvssV4(String source, Type type, CvssV4Data cvssData) { - this.source = source; - this.type = type; - this.cvssData = cvssData; - } - - /** - * (Required) - */ - @JsonProperty("source") - private String source; - /** - * (Required) - */ - @JsonProperty("type") - private Type type; - /** - * JSON Schema for Common Vulnerability Scoring System version 4.0 - *

- * (Required) - */ - @JsonProperty("cvssData") - private CvssV4Data cvssData; - - /** - * (Required) - * - * @return source - */ - @JsonProperty("source") - public String getSource() { - return source; - } - - /** - * (Required) - * - * @return type - */ - @JsonProperty("type") - public Type getType() { - return type; - } - - /** - * JSON Schema for Common Vulnerability Scoring System version 4.0 - *

- * (Required) - * - * @return cvssData - */ - @JsonProperty("cvssData") - public CvssV4Data getCvssData() { - return cvssData; - } - - @Override - public String toString() { - return cvssData.toString(); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - CvssV4 cvssV3 = (CvssV4) o; - return Objects.equals(source, cvssV3.source) && type == cvssV3.type - && Objects.equals(cvssData, cvssV3.cvssData); - } - - @Override - public int hashCode() { - return Objects.hash(source, type, cvssData); - } - - public enum Type { - - PRIMARY("Primary"), SECONDARY("Secondary"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Type c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Type(String value) { - this.value = value; - } - - @JsonCreator - public static Type fromValue(String value) { - Type constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4Data.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4Data.java deleted file mode 100644 index aab08f77..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/CvssV4Data.java +++ /dev/null @@ -1,2034 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonAlias; -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonSetter; -import com.fasterxml.jackson.annotation.JsonValue; -import com.fasterxml.jackson.annotation.Nulls; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; - -/** - * JSON Schema for Common Vulnerability Scoring System version 3.0 - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -// TODO fix the order - added entries that aren't here -@JsonPropertyOrder({"version", "vectorString", "attackVector", "attackComplexity", "attackRequirements", - "privilegesRequired", "userInteraction", "vulnerableSystemConfidentiality", "vulnerableSystemIntegrity", - "vulnerableSystemAvailability", "subsequentSystemConfidentiality", "subsequentSystemIntegrity", - "subsequentSystemAvailability", "exploitMaturity", "confidentialityRequirements", "integrityRequirements", - "availabilityRequirements", "modifiedAttackVector", "modifiedAttackComplexity", "modifiedAttackRequirements", - "modifiedPrivilegesRequired", "modifiedUserInteraction", "modifiedVulnerableSystemConfidentiality", - "modifiedVulnerableSystemIntegrity", "modifiedVulnerableSystemAvailability", - "modifiedSubsequentSystemConfidentiality", "modifiedSubsequentSystemIntegrity", - "modifiedSubsequentSystemAvailability", "safety", "automatable", "recovery", "valueDensity", - "vulnerabilityResponseEffort", "providerUrgency", "baseScore", "baseSeverity", "threatScore", "threatSeverity", - "environmentalScore", "environmentalSeverity"}) -public class CvssV4Data implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 8537782209754450697L; - - public CvssV4Data() { - } - - public CvssV4Data(Version version, String vectorString, AttackVectorType attackVector, - AttackComplexityType attackComplexity, AttackRequirementsType attackRequirements, - PrivilegesRequiredType privilegesRequired, UserInteractionType userInteraction, - CiaType vulnConfidentialityImpact, CiaType vulnIntegrityImpact, CiaType vulnAvailabilityImpact, - CiaType subConfidentialityImpact, CiaType subIntegrityImpact, CiaType subAvailabilityImpact, - ExploitMaturityType exploitMaturity, CiaRequirementType confidentialityRequirement, - CiaRequirementType integrityRequirement, CiaRequirementType availabilityRequirement, - ModifiedAttackVectorType modifiedAttackVector, ModifiedAttackComplexityType modifiedAttackComplexity, - ModifiedAttackRequirementsType modifiedAttackRequirements, - ModifiedPrivilegesRequiredType modifiedPrivilegesRequired, - ModifiedUserInteractionType modifiedUserInteraction, ModifiedCiaType modifiedVulnConfidentialityImpact, - ModifiedCiaType modifiedVulnIntegrityImpact, ModifiedCiaType modifiedVulnAvailabilityImpact, - ModifiedSubCType modifiedSubConfidentialityImpact, ModifiedSubIaType modifiedSubIntegrityImpact, - ModifiedSubIaType modifiedSubAvailabilityImpact, SafetyType safety, AutomatableType automatable, - RecoveryType recovery, ValueDensityType valueDensity, - VulnerabilityResponseEffortType vulnerabilityResponseEffort, ProviderUrgencyType providerUrgency, - Double baseScore, SeverityType baseSeverity, Double threatScore, SeverityType threatSeverity, - Double environmentalScore, SeverityType environmentalSeverity) { - this.version = version; - this.vectorString = vectorString; - this.attackVector = attackVector; - this.attackComplexity = attackComplexity; - this.attackRequirements = attackRequirements; - this.privilegesRequired = privilegesRequired; - this.userInteraction = userInteraction; - this.vulnConfidentialityImpact = vulnConfidentialityImpact; - this.vulnIntegrityImpact = vulnIntegrityImpact; - this.vulnAvailabilityImpact = vulnAvailabilityImpact; - this.subConfidentialityImpact = subConfidentialityImpact; - this.subIntegrityImpact = subIntegrityImpact; - this.subAvailabilityImpact = subAvailabilityImpact; - this.exploitMaturity = exploitMaturity; - this.confidentialityRequirement = confidentialityRequirement; - this.integrityRequirement = integrityRequirement; - this.availabilityRequirement = availabilityRequirement; - this.modifiedAttackVector = modifiedAttackVector; - this.modifiedAttackComplexity = modifiedAttackComplexity; - this.modifiedAttackRequirements = modifiedAttackRequirements; - this.modifiedPrivilegesRequired = modifiedPrivilegesRequired; - this.modifiedUserInteraction = modifiedUserInteraction; - this.modifiedVulnConfidentialityImpact = modifiedVulnConfidentialityImpact; - this.modifiedVulnIntegrityImpact = modifiedVulnIntegrityImpact; - this.modifiedVulnAvailabilityImpact = modifiedVulnAvailabilityImpact; - this.modifiedSubConfidentialityImpact = modifiedSubConfidentialityImpact; - this.modifiedSubIntegrityImpact = modifiedSubIntegrityImpact; - this.modifiedSubAvailabilityImpact = modifiedSubAvailabilityImpact; - this.safety = safety; - this.automatable = automatable; - this.recovery = recovery; - this.valueDensity = valueDensity; - this.vulnerabilityResponseEffort = vulnerabilityResponseEffort; - this.providerUrgency = providerUrgency; - this.baseScore = baseScore; - this.baseSeverity = baseSeverity; - this.threatScore = threatScore; - this.threatSeverity = threatSeverity; - this.environmentalScore = environmentalScore; - this.environmentalSeverity = environmentalSeverity; - } - - /** - * CVSS Version (Required) - */ - @JsonProperty("version") - @JsonPropertyDescription("CVSS Version") - private Version version; - /** - * (Required) - */ - @JsonProperty("vectorString") - private String vectorString; - @JsonProperty("attackVector") - private AttackVectorType attackVector; - @JsonProperty("attackComplexity") - private AttackComplexityType attackComplexity; - @JsonProperty("attackRequirements") - private AttackRequirementsType attackRequirements; - @JsonProperty("privilegesRequired") - private PrivilegesRequiredType privilegesRequired; - @JsonProperty("userInteraction") - private UserInteractionType userInteraction; - @JsonProperty("vulnerableSystemConfidentiality") - @JsonAlias("vulnConfidentialityImpact") - private CiaType vulnConfidentialityImpact; - @JsonProperty("vulnerableSystemIntegrity") - @JsonAlias("vulnIntegrityImpact") - private CiaType vulnIntegrityImpact; - @JsonProperty("vulnerableSystemAvailability") - @JsonAlias("vulnAvailabilityImpact") - private CiaType vulnAvailabilityImpact; - @JsonProperty("subsequentSystemConfidentiality") - @JsonAlias("subConfidentialityImpact") - private CiaType subConfidentialityImpact; - @JsonProperty("subsequentSystemIntegrity") - @JsonAlias("subIntegrityImpact") - private CiaType subIntegrityImpact; - @JsonProperty("subsequentSystemAvailability") - @JsonAlias("subAvailabilityImpact") - private CiaType subAvailabilityImpact; - @JsonProperty("exploitMaturity") - @JsonSetter(nulls = Nulls.SKIP) - private ExploitMaturityType exploitMaturity = ExploitMaturityType.NOT_DEFINED; - @JsonProperty("confidentialityRequirements") - @JsonAlias("confidentialityRequirement") - private CiaRequirementType confidentialityRequirement; - @JsonProperty("integrityRequirements") - @JsonAlias("integrityRequirement") - private CiaRequirementType integrityRequirement; - @JsonProperty("availabilityRequirements") - @JsonAlias("availabilityRequirement") - private CiaRequirementType availabilityRequirement; - @JsonProperty("modifiedAttackVector") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedAttackVectorType modifiedAttackVector = ModifiedAttackVectorType.NOT_DEFINED; - @JsonProperty("modifiedAttackComplexity") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedAttackComplexityType modifiedAttackComplexity = ModifiedAttackComplexityType.NOT_DEFINED; - @JsonProperty("modifiedAttackRequirements") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedAttackRequirementsType modifiedAttackRequirements = ModifiedAttackRequirementsType.NOT_DEFINED; - @JsonProperty("modifiedPrivilegesRequired") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedPrivilegesRequiredType modifiedPrivilegesRequired = ModifiedPrivilegesRequiredType.NOT_DEFINED; - @JsonProperty("modifiedUserInteraction") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedUserInteractionType modifiedUserInteraction = ModifiedUserInteractionType.NOT_DEFINED; - @JsonProperty("modifiedVulnerableSystemConfidentiality") - @JsonAlias("modifiedVulnConfidentialityImpact") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedCiaType modifiedVulnConfidentialityImpact = ModifiedCiaType.NOT_DEFINED; - @JsonProperty("modifiedVulnerableSystemIntegrity") - @JsonAlias("modifiedVulnIntegrityImpact") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedCiaType modifiedVulnIntegrityImpact = ModifiedCiaType.NOT_DEFINED; - @JsonProperty("modifiedVulnerableSystemAvailability") - @JsonAlias("modifiedVulnAvailabilityImpact") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedCiaType modifiedVulnAvailabilityImpact = ModifiedCiaType.NOT_DEFINED; - @JsonProperty("modifiedSubsequentSystemConfidentiality") - @JsonAlias("modifiedSubConfidentialityImpact") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedSubCType modifiedSubConfidentialityImpact = ModifiedSubCType.NOT_DEFINED; - @JsonProperty("modifiedSubsequentSystemIntegrity") - @JsonAlias("modifiedSubIntegrityImpact") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedSubIaType modifiedSubIntegrityImpact = ModifiedSubIaType.NOT_DEFINED; - @JsonProperty("modifiedSubsequentSystemAvailability") - @JsonAlias("modifiedSubAvailabilityImpact") - @JsonSetter(nulls = Nulls.SKIP) - private ModifiedSubIaType modifiedSubAvailabilityImpact = ModifiedSubIaType.NOT_DEFINED; - @JsonProperty("safety") - @JsonAlias("Safety") - @JsonSetter(nulls = Nulls.SKIP) - private SafetyType safety = SafetyType.NOT_DEFINED; - @JsonProperty("automatable") - @JsonAlias("Automatable") - @JsonSetter(nulls = Nulls.SKIP) - private AutomatableType automatable = AutomatableType.NOT_DEFINED; - @JsonProperty("recovery") - @JsonAlias("Recovery") - @JsonSetter(nulls = Nulls.SKIP) - private RecoveryType recovery = RecoveryType.NOT_DEFINED; - @JsonProperty("valueDensity") - @JsonSetter(nulls = Nulls.SKIP) - private ValueDensityType valueDensity = ValueDensityType.NOT_DEFINED; - @JsonProperty("vulnerabilityResponseEffort") - @JsonSetter(nulls = Nulls.SKIP) - private VulnerabilityResponseEffortType vulnerabilityResponseEffort = VulnerabilityResponseEffortType.NOT_DEFINED; - @JsonProperty("providerUrgency") - @JsonSetter(nulls = Nulls.SKIP) - private ProviderUrgencyType providerUrgency = ProviderUrgencyType.NOT_DEFINED; - /** - * (Required) - */ - @JsonProperty("baseScore") - private Double baseScore; - /** - * (Required) - */ - @JsonProperty("baseSeverity") - private SeverityType baseSeverity; - @JsonProperty("threatScore") - private Double threatScore; - @JsonProperty("threatSeverity") - private SeverityType threatSeverity; - @JsonProperty("environmentalScore") - private Double environmentalScore; - @JsonProperty("environmentalSeverity") - private SeverityType environmentalSeverity; - - /** - * CVSS Version (Required) - * - * @return version - */ - @JsonProperty("version") - public Version getVersion() { - return version; - } - - /** - * (Required) - * - * @return vectorString - */ - @JsonProperty("vectorString") - public String getVectorString() { - return vectorString; - } - - /** - * @return attackVector - */ - @JsonProperty("attackVector") - public AttackVectorType getAttackVector() { - return attackVector; - } - - /** - * @return attackComplexity - */ - @JsonProperty("attackComplexity") - public AttackComplexityType getAttackComplexity() { - return attackComplexity; - } - - /** - * @return attackRequirements - */ - @JsonProperty("attackRequirements") - public AttackRequirementsType getAttackRequirements() { - return attackRequirements; - } - - /** - * @return privilegesRequired - */ - @JsonProperty("privilegesRequired") - public PrivilegesRequiredType getPrivilegesRequired() { - return privilegesRequired; - } - - /** - * @return userInteraction - */ - @JsonProperty("userInteraction") - public UserInteractionType getUserInteraction() { - return userInteraction; - } - - /** - * @return vulnConfidentialityImpact - */ - @JsonProperty("vulnConfidentialityImpact") - public CiaType getVulnConfidentialityImpact() { - return vulnConfidentialityImpact; - } - - /** - * @return vulnIntegrityImpact - */ - @JsonProperty("vulnIntegrityImpact") - public CiaType getVulnIntegrityImpact() { - return vulnIntegrityImpact; - } - - /** - * @return vulnAvailabilityImpact - */ - @JsonProperty("vulnAvailabilityImpact") - public CiaType getVulnAvailabilityImpact() { - return vulnAvailabilityImpact; - } - - /** - * @return subConfidentialityImpact - */ - @JsonProperty("subConfidentialityImpact") - public CiaType getSubConfidentialityImpact() { - return subConfidentialityImpact; - } - - /** - * @return subIntegrityImpact - */ - @JsonProperty("subIntegrityImpact") - public CiaType getSubIntegrityImpact() { - return subIntegrityImpact; - } - - /** - * @return subAvailabilityImpact - */ - @JsonProperty("subAvailabilityImpact") - public CiaType getSubAvailabilityImpact() { - return subAvailabilityImpact; - } - - /** - * @return exploitMaturity - */ - @JsonProperty("exploitMaturity") - public ExploitMaturityType getExploitMaturity() { - return exploitMaturity; - } - - /** - * (Required) - * - * @return baseScore - */ - @JsonProperty("baseScore") - public Double getBaseScore() { - return baseScore; - } - - /** - * (Required) - * - * @return baseSeverity - */ - @JsonProperty("baseSeverity") - public SeverityType getBaseSeverity() { - return baseSeverity; - } - - /** - * @return confidentialityRequirement - */ - @JsonProperty("confidentialityRequirement") - public CiaRequirementType getConfidentialityRequirement() { - return confidentialityRequirement; - } - - /** - * @return integrityRequirement - */ - @JsonProperty("integrityRequirement") - public CiaRequirementType getIntegrityRequirement() { - return integrityRequirement; - } - - /** - * @return availabilityRequirement - */ - @JsonProperty("availabilityRequirement") - public CiaRequirementType getAvailabilityRequirement() { - return availabilityRequirement; - } - - /** - * @return modifiedAttackVector - */ - @JsonProperty("modifiedAttackVector") - public ModifiedAttackVectorType getModifiedAttackVector() { - return modifiedAttackVector; - } - - /** - * @return modifiedAttackComplexity - */ - @JsonProperty("modifiedAttackComplexity") - public ModifiedAttackComplexityType getModifiedAttackComplexity() { - return modifiedAttackComplexity; - } - - /** - * @return modifiedAttackRequirements - */ - @JsonProperty("modifiedAttackRequirements") - public ModifiedAttackRequirementsType getModifiedAttackRequirements() { - return modifiedAttackRequirements; - } - - /** - * @return modifiedPrivilegesRequired - */ - @JsonProperty("modifiedPrivilegesRequired") - public ModifiedPrivilegesRequiredType getModifiedPrivilegesRequired() { - return modifiedPrivilegesRequired; - } - - /** - * @return modifiedUserInteraction - */ - @JsonProperty("modifiedUserInteraction") - public ModifiedUserInteractionType getModifiedUserInteraction() { - return modifiedUserInteraction; - } - - /** - * @return modifiedVulnConfidentialityImpact - */ - @JsonProperty("modifiedVulnConfidentialityImpact") - public ModifiedCiaType getModifiedVulnConfidentialityImpact() { - return modifiedVulnConfidentialityImpact; - } - - /** - * @return modifiedVulnIntegrityImpact - */ - @JsonProperty("modifiedVulnIntegrityImpact") - public ModifiedCiaType getModifiedVulnIntegrityImpact() { - return modifiedVulnIntegrityImpact; - } - - /** - * @return modifiedVulnAvailabilityImpact - */ - @JsonProperty("modifiedVulnAvailabilityImpact") - public ModifiedCiaType getModifiedVulnAvailabilityImpact() { - return modifiedVulnAvailabilityImpact; - } - - /** - * @return modifiedSubConfidentialityImpact - */ - @JsonProperty("modifiedSubConfidentialityImpact") - public ModifiedSubCType getModifiedSubConfidentialityImpact() { - return modifiedSubConfidentialityImpact; - } - - /** - * @return modifiedSubIntegrityImpact - */ - @JsonProperty("modifiedSubIntegrityImpact") - public ModifiedSubIaType getModifiedSubIntegrityImpact() { - return modifiedSubIntegrityImpact; - } - - /** - * @return modifiedSubAvailabilityImpact - */ - @JsonProperty("modifiedSubAvailabilityImpact") - public ModifiedSubIaType getModifiedSubAvailabilityImpact() { - return modifiedSubAvailabilityImpact; - } - - /** - * @return safety - */ - @JsonProperty("Safety") - @JsonAlias("safety") - public SafetyType getSafety() { - return safety; - } - - /** - * @return automatable - */ - @JsonProperty("Automatable") - @JsonAlias("automatable") - public AutomatableType getAutomatable() { - return automatable; - } - - /** - * @return recovery - */ - @JsonProperty("Recovery") - @JsonAlias("recovery") - public RecoveryType getRecovery() { - return recovery; - } - - /** - * @return valueDensity - */ - @JsonProperty("valueDensity") - public ValueDensityType getValueDensity() { - return valueDensity; - } - - /** - * @return vulnerabilityResponseEffort - */ - @JsonProperty("vulnerabilityResponseEffort") - public VulnerabilityResponseEffortType getVulnerabilityResponseEffort() { - return vulnerabilityResponseEffort; - } - - /** - * @return providerUrgency - */ - @JsonProperty("providerUrgency") - public ProviderUrgencyType getProviderUrgency() { - return providerUrgency; - } - - /** - * @return threatScore - */ - @JsonProperty("threatScore") - public Double getThreatScore() { - return threatScore; - } - - /** - * @return threatSeverity - */ - @JsonProperty("threatSeverity") - public SeverityType getThreatSeverity() { - return threatSeverity; - } - - /** - * @return environmentalScore - */ - @JsonProperty("environmentalScore") - public Double getEnvironmentalScore() { - return environmentalScore; - } - - /** - * @return environmentalSeverity - */ - @JsonProperty("environmentalSeverity") - public SeverityType getEnvironmentalSeverity() { - return environmentalSeverity; - } - - @Override - public String toString() { - // "pattern": - // "^CVSS:4[.]0\/AV:[NALP]\/AC:[LH]\/AT:[NP]\/PR:[NLH]\/UI:[NPA]\/VC:[HLN]\/VI:[HLN]\/VA:[HLN]\/SC:[HLN]\/SI:[HLN]\/SA:[HLN] - // TODO fix the string format - StringBuilder v = new StringBuilder("CVSS:").append(version == null ? "" : version).append("/AV:") - .append(attackVector == null ? "" : attackVector.value().charAt(0)).append("/AC:") - .append(attackComplexity == null ? "" : attackComplexity.value().charAt(0)).append("/AT:") - .append(attackRequirements == null ? "" : attackRequirements.value().charAt(0)).append("/PR:") - .append(privilegesRequired == null ? "" : privilegesRequired.value().charAt(0)).append("/UI:") - .append(userInteraction == null ? "" : userInteraction.value().charAt(0)).append("/VC:") - .append(vulnConfidentialityImpact == null ? "" : vulnConfidentialityImpact.value().charAt(0)) - .append("/VI:").append(vulnIntegrityImpact == null ? "" : vulnIntegrityImpact.value().charAt(0)) - .append("/VA:").append(vulnAvailabilityImpact == null ? "" : vulnAvailabilityImpact.value().charAt(0)) - .append("/SC:") - .append(subConfidentialityImpact == null ? "" : subConfidentialityImpact.value().charAt(0)) - .append("/SI:").append(subIntegrityImpact == null ? "" : subIntegrityImpact.value().charAt(0)) - .append("/SA:").append(subAvailabilityImpact == null ? "" : subAvailabilityImpact.value().charAt(0)); - // (\/E:[XAPU])?(\/CR:[XHML])?(\/IR:[XHML])?(\/AR:[XHML])? - if (exploitMaturity != null) { - v.append("/E:").append( - exploitMaturity == ExploitMaturityType.NOT_DEFINED ? "X" : exploitMaturity.value().charAt(0)); - } - if (confidentialityRequirement != null) { - v.append("/CR:").append(confidentialityRequirement == CiaRequirementType.NOT_DEFINED ? "X" - : confidentialityRequirement.value().charAt(0)); - } - if (integrityRequirement != null) { - v.append("/IR:").append(integrityRequirement == CiaRequirementType.NOT_DEFINED ? "X" - : integrityRequirement.value().charAt(0)); - } - if (availabilityRequirement != null) { - v.append("/AR:").append(availabilityRequirement == CiaRequirementType.NOT_DEFINED ? "X" - : availabilityRequirement.value().charAt(0)); - } - // (\/MAV:[XNALP])?(\/MAC:[XLH])?(\/MAT:[XNP])?(\/MPR:[XNLH])?(\/MUI:[XNPA])?(\/MVC:[XNLH])?(\/MVI:[XNLH])?(\/MVA:[XNLH])? - if (modifiedAttackVector != null) { - v.append("/MAV:").append(modifiedAttackVector == ModifiedAttackVectorType.NOT_DEFINED ? "X" - : modifiedAttackVector.value().charAt(0)); - } - if (modifiedAttackComplexity != null) { - v.append("/MAC:").append(modifiedAttackComplexity == ModifiedAttackComplexityType.NOT_DEFINED ? "X" - : modifiedAttackComplexity.value().charAt(0)); - } - if (modifiedAttackRequirements != null) { - v.append("/MAT:").append(modifiedAttackRequirements == ModifiedAttackRequirementsType.NOT_DEFINED ? "X" - : modifiedAttackRequirements.value().charAt(0)); - } - if (modifiedPrivilegesRequired != null) { - v.append("/MPR:").append(modifiedPrivilegesRequired == ModifiedPrivilegesRequiredType.NOT_DEFINED ? "X" - : modifiedPrivilegesRequired.value().charAt(0)); - } - if (modifiedUserInteraction != null) { - v.append("/MUI:").append(modifiedUserInteraction == ModifiedUserInteractionType.NOT_DEFINED ? "X" - : modifiedUserInteraction.value().charAt(0)); - } - if (modifiedVulnConfidentialityImpact != null) { - v.append("/MVC:").append(modifiedVulnConfidentialityImpact == ModifiedCiaType.NOT_DEFINED ? "X" - : modifiedVulnConfidentialityImpact.value().charAt(0)); - } - if (modifiedVulnIntegrityImpact != null) { - v.append("/MVI:").append(modifiedVulnIntegrityImpact == ModifiedCiaType.NOT_DEFINED ? "X" - : modifiedVulnIntegrityImpact.value().charAt(0)); - } - if (modifiedVulnAvailabilityImpact != null) { - v.append("/MVA:").append(modifiedVulnAvailabilityImpact == ModifiedCiaType.NOT_DEFINED ? "X" - : modifiedVulnAvailabilityImpact.value().charAt(0)); - } - // (\/MSC:[XNLH])?(\/MSI:[XNLHS])?(\/MSA:[XNLHS])?(\/S:[XNP])?(\/AU:[XNY])?(\/R:[XAUI])? - if (modifiedSubConfidentialityImpact != null) { - v.append("/MSC:").append(modifiedSubConfidentialityImpact == ModifiedSubCType.NOT_DEFINED ? "X" - : modifiedSubConfidentialityImpact.value().charAt(0)); - } - if (modifiedSubIntegrityImpact != null) { - v.append("/MSI:").append(modifiedSubIntegrityImpact == ModifiedSubIaType.NOT_DEFINED ? "X" - : modifiedSubIntegrityImpact.value().charAt(0)); - } - if (modifiedSubAvailabilityImpact != null) { - v.append("/MSA:").append(modifiedSubAvailabilityImpact == ModifiedSubIaType.NOT_DEFINED ? "X" - : modifiedSubAvailabilityImpact.value().charAt(0)); - } - if (safety != null) { - v.append("/S:").append(safety == SafetyType.NOT_DEFINED ? "X" : safety.value().charAt(0)); - } - if (automatable != null) { - v.append("/AU:").append(automatable == AutomatableType.NOT_DEFINED ? "X" : automatable.value().charAt(0)); - } - if (recovery != null) { - v.append("/R:").append(recovery.value().charAt(0)); - } - // (\/V:[XDC])?(\/RE:[XLMH])?(\/U:(X|Clear|Green|Amber|Red))?$" - if (valueDensity != null) { - v.append("/V:").append(valueDensity == ValueDensityType.NOT_DEFINED ? "X" : valueDensity.value().charAt(0)); - } - if (vulnerabilityResponseEffort != null) { - v.append("/RE:").append(vulnerabilityResponseEffort == VulnerabilityResponseEffortType.NOT_DEFINED ? "X" - : vulnerabilityResponseEffort.value().charAt(0)); - } - if (providerUrgency != null) { - v.append("/U:"); - if (providerUrgency == ProviderUrgencyType.NOT_DEFINED) { - v.append("X"); - } else { - v.append(providerUrgency.value().charAt(0)).append(providerUrgency.value().substring(1).toLowerCase()); - } - } - return v.toString(); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (!(o instanceof CvssV4Data)) - return false; - CvssV4Data that = (CvssV4Data) o; - return version == that.version && Objects.equals(vectorString, that.vectorString) - && attackVector == that.attackVector && attackComplexity == that.attackComplexity - && attackRequirements == that.attackRequirements && privilegesRequired == that.privilegesRequired - && userInteraction == that.userInteraction - && vulnConfidentialityImpact == that.vulnConfidentialityImpact - && vulnIntegrityImpact == that.vulnIntegrityImpact - && vulnAvailabilityImpact == that.vulnAvailabilityImpact - && subConfidentialityImpact == that.subConfidentialityImpact - && subIntegrityImpact == that.subIntegrityImpact && subAvailabilityImpact == that.subAvailabilityImpact - && exploitMaturity == that.exploitMaturity - && confidentialityRequirement == that.confidentialityRequirement - && integrityRequirement == that.integrityRequirement - && availabilityRequirement == that.availabilityRequirement - && modifiedAttackVector == that.modifiedAttackVector - && modifiedAttackComplexity == that.modifiedAttackComplexity - && modifiedAttackRequirements == that.modifiedAttackRequirements - && modifiedPrivilegesRequired == that.modifiedPrivilegesRequired - && modifiedUserInteraction == that.modifiedUserInteraction - && modifiedVulnConfidentialityImpact == that.modifiedVulnConfidentialityImpact - && modifiedVulnIntegrityImpact == that.modifiedVulnIntegrityImpact - && modifiedVulnAvailabilityImpact == that.modifiedVulnAvailabilityImpact - && modifiedSubConfidentialityImpact == that.modifiedSubConfidentialityImpact - && modifiedSubIntegrityImpact == that.modifiedSubIntegrityImpact - && modifiedSubAvailabilityImpact == that.modifiedSubAvailabilityImpact && safety == that.safety - && automatable == that.automatable && recovery == that.recovery && valueDensity == that.valueDensity - && vulnerabilityResponseEffort == that.vulnerabilityResponseEffort - && providerUrgency == that.providerUrgency && Objects.equals(baseScore, that.baseScore) - && baseSeverity == that.baseSeverity && Objects.equals(threatScore, that.threatScore) - && threatSeverity == that.threatSeverity && Objects.equals(environmentalScore, that.environmentalScore) - && environmentalSeverity == that.environmentalSeverity; - } - - @Override - public int hashCode() { - return Objects.hash(version, vectorString, attackVector, attackComplexity, attackRequirements, - privilegesRequired, userInteraction, vulnConfidentialityImpact, vulnIntegrityImpact, - vulnAvailabilityImpact, subConfidentialityImpact, subIntegrityImpact, subAvailabilityImpact, - exploitMaturity, confidentialityRequirement, integrityRequirement, availabilityRequirement, - modifiedAttackVector, modifiedAttackComplexity, modifiedAttackRequirements, modifiedPrivilegesRequired, - modifiedUserInteraction, modifiedVulnConfidentialityImpact, modifiedVulnIntegrityImpact, - modifiedVulnAvailabilityImpact, modifiedSubConfidentialityImpact, modifiedSubIntegrityImpact, - modifiedSubAvailabilityImpact, safety, automatable, recovery, valueDensity, vulnerabilityResponseEffort, - providerUrgency, baseScore, baseSeverity, threatScore, threatSeverity, environmentalScore, - environmentalSeverity); - } - - public enum AttackComplexityType { - - HIGH("HIGH"), LOW("LOW"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AttackComplexityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AttackComplexityType(String value) { - this.value = value; - } - - @JsonCreator - public static AttackComplexityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (AttackComplexityType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - AttackComplexityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum AttackVectorType { - - NETWORK("NETWORK"), ADJACENT("ADJACENT"), LOCAL("LOCAL"), PHYSICAL("PHYSICAL"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AttackVectorType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AttackVectorType(String value) { - this.value = value; - } - - @JsonCreator - public static AttackVectorType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (AttackVectorType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - AttackVectorType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum CiaRequirementType { - - LOW("LOW"), MEDIUM("MEDIUM"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (CiaRequirementType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - CiaRequirementType(String value) { - this.value = value; - } - - @JsonCreator - public static CiaRequirementType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (CiaRequirementType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - CiaRequirementType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum CiaType { - - NONE("NONE"), LOW("LOW"), HIGH("HIGH"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (CiaType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - CiaType(String value) { - this.value = value; - } - - @JsonCreator - public static CiaType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (CiaType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - CiaType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ExploitMaturityType { - - UNREPORTED("UNREPORTED"), PROOF_OF_CONCEPT("PROOF_OF_CONCEPT"), ATTACKED("ATTACKED"), NOT_DEFINED( - "NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ExploitMaturityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ExploitMaturityType(String value) { - this.value = value; - } - - @JsonCreator - public static ExploitMaturityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ExploitMaturityType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ExploitMaturityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedAttackComplexityType { - - HIGH("HIGH"), LOW("LOW"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedAttackComplexityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedAttackComplexityType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedAttackComplexityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedAttackComplexityType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedAttackComplexityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum AttackRequirementsType { - - NONE("NONE"), PRESENT("PRESENT"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AttackRequirementsType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AttackRequirementsType(String value) { - this.value = value; - } - - @JsonCreator - public static AttackRequirementsType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (AttackRequirementsType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - AttackRequirementsType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum ModifiedAttackRequirementsType { - - NONE("NONE"), PRESENT("PRESENT"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedAttackRequirementsType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedAttackRequirementsType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedAttackRequirementsType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedAttackRequirementsType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedAttackRequirementsType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum ModifiedAttackVectorType { - - NETWORK("NETWORK"), ADJACENT("ADJACENT"), LOCAL("LOCAL"), PHYSICAL("PHYSICAL"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedAttackVectorType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedAttackVectorType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedAttackVectorType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedAttackVectorType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedAttackVectorType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedCiaType { - - NONE("NONE"), LOW("LOW"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedCiaType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedCiaType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedCiaType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedCiaType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedCiaType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedSubCType { - - NEGLIGIBLE("NEGLIGIBLE"), LOW("LOW"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedSubCType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedSubCType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedSubCType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedSubCType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedSubCType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum ModifiedSubIaType { - - NEGLIGIBLE("NEGLIGIBLE"), LOW("LOW"), HIGH("HIGH"), SAFETY("SAFETY"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedSubIaType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedSubIaType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedSubIaType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedSubIaType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedSubIaType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum SafetyType { - - NEGLIGIBLE("NEGLIGIBLE"), PRESENT("PRESENT"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (SafetyType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - SafetyType(String value) { - this.value = value; - } - - @JsonCreator - public static SafetyType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (SafetyType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - SafetyType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum AutomatableType { - - NO("NO"), YES("YES"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (AutomatableType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - AutomatableType(String value) { - this.value = value; - } - - @JsonCreator - public static AutomatableType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (AutomatableType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - AutomatableType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum RecoveryType { - - AUTOMATIC("AUTOMATIC"), USER("USER"), IRRECOVERABLE("IRRECOVERABLE"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (RecoveryType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - RecoveryType(String value) { - this.value = value; - } - - @JsonCreator - public static RecoveryType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (RecoveryType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - RecoveryType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum ValueDensityType { - - DIFFUSE("DIFFUSE"), CONCENTRATED("CONCENTRATED"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ValueDensityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ValueDensityType(String value) { - this.value = value; - } - - @JsonCreator - public static ValueDensityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ValueDensityType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ValueDensityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum VulnerabilityResponseEffortType { - - LOW("LOW"), MODERATE("MODERATE"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (VulnerabilityResponseEffortType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - VulnerabilityResponseEffortType(String value) { - this.value = value; - } - - @JsonCreator - public static VulnerabilityResponseEffortType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (VulnerabilityResponseEffortType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - VulnerabilityResponseEffortType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum ProviderUrgencyType { - - CLEAR("CLEAR"), GREEN("GREEN"), AMBER("AMBER"), RED("RED"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ProviderUrgencyType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ProviderUrgencyType(String value) { - this.value = value; - } - - @JsonCreator - public static ProviderUrgencyType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ProviderUrgencyType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ProviderUrgencyType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - } - - public enum ModifiedPrivilegesRequiredType { - - HIGH("HIGH"), LOW("LOW"), NONE("NONE"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedPrivilegesRequiredType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedPrivilegesRequiredType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedPrivilegesRequiredType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedPrivilegesRequiredType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedPrivilegesRequiredType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedVulnCiaType { - - NONE("NONE"), LOW("LOW"), HIGH("HIGH"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedVulnCiaType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedVulnCiaType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedVulnCiaType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedVulnCiaType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedVulnCiaType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum ModifiedUserInteractionType { - - NONE("NONE"), PASSIVE("PASSIVE"), ACTIVE("ACTIVE"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (ModifiedUserInteractionType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - ModifiedUserInteractionType(String value) { - this.value = value; - } - - @JsonCreator - public static ModifiedUserInteractionType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (ModifiedUserInteractionType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - ModifiedUserInteractionType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum PrivilegesRequiredType { - - HIGH("HIGH"), LOW("LOW"), NONE("NONE"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (PrivilegesRequiredType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - PrivilegesRequiredType(String value) { - this.value = value; - } - - @JsonCreator - public static PrivilegesRequiredType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (PrivilegesRequiredType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - PrivilegesRequiredType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum RemediationLevelType { - - OFFICIAL_FIX("OFFICIAL_FIX"), TEMPORARY_FIX("TEMPORARY_FIX"), WORKAROUND("WORKAROUND"), UNAVAILABLE( - "UNAVAILABLE"), NOT_DEFINED("NOT_DEFINED"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (RemediationLevelType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - RemediationLevelType(String value) { - this.value = value; - } - - @JsonCreator - public static RemediationLevelType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - if ("x".equalsIgnoreCase(value)) { - return NOT_DEFINED; - } - for (RemediationLevelType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - RemediationLevelType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum SeverityType { - - NONE("NONE"), LOW("LOW"), MEDIUM("MEDIUM"), HIGH("HIGH"), CRITICAL("CRITICAL"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (SeverityType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - SeverityType(String value) { - this.value = value; - } - - @JsonCreator - public static SeverityType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (SeverityType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - SeverityType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - public enum UserInteractionType { - - NONE("NONE"), PASSIVE("PASSIVE"), ACTIVE("ACTIVE"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (UserInteractionType c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - UserInteractionType(String value) { - this.value = value; - } - - @JsonCreator - public static UserInteractionType fromValue(String value) { - // allow conversion from vector string - if (value != null && value.length() == 1) { - for (UserInteractionType t : values()) { - if (t.value.startsWith(value.toUpperCase())) { - return t; - } - } - } - UserInteractionType constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - - /** - * CVSS Version - */ - public enum Version { - - _4_0("4.0"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Version c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Version(String value) { - this.value = value; - } - - @JsonCreator - public static Version fromValue(String value) { - Version constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/DefCveItem.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/DefCveItem.java deleted file mode 100644 index e56f45da..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/DefCveItem.java +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"cve"}) -public class DefCveItem implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 8372992609837009849L; - /** - * (Required) - */ - @JsonProperty("cve") - private CveItem cve; - - /** - * (Required) - * - * @return cve - */ - @JsonProperty("cve") - public CveItem getCve() { - return cve; - } - - @Override - public String toString() { - return "DefCveItem{" + "cve=" + cve + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - DefCveItem that = (DefCveItem) o; - return Objects.equals(cve, that.cve); - } - - public DefCveItem(CveItem cve) { - this.cve = cve; - } - - public DefCveItem() { - } - - @Override - public int hashCode() { - return Objects.hash(cve); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/LangString.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/LangString.java deleted file mode 100644 index 41d32e45..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/LangString.java +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"lang", "value"}) -public class LangString implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 691162195898166591L; - /** - * (Required) - */ - @JsonProperty("lang") - private String lang; - /** - * (Required) - */ - @JsonProperty("value") - private String value; - - /** - * (Required) - * - * @return lang - */ - @JsonProperty("lang") - public String getLang() { - return lang; - } - - /** - * (Required) - * - * @return value - */ - @JsonProperty("value") - public String getValue() { - return value; - } - - @Override - public String toString() { - return "LangString{" + "lang='" + lang + '\'' + ", value='" + value + '\'' + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - LangString that = (LangString) o; - return Objects.equals(lang, that.lang) && Objects.equals(value, that.value); - } - - public LangString() { - } - - public LangString(String lang, String value) { - this.lang = lang; - this.value = value; - } - - @Override - public int hashCode() { - return Objects.hash(lang, value); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Metrics.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Metrics.java deleted file mode 100644 index 4ad14162..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Metrics.java +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyDescription; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.List; -import java.util.Objects; - -/** - * Metric scores for a vulnerability as found on NVD. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"cvssMetricV40", "cvssMetricV31", "cvssMetricV30", "cvssMetricV2"}) -public class Metrics implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 3506888424662802743L; - /** - * CVSS V4.0 score. - */ - @JsonProperty("cvssMetricV40") - @JsonPropertyDescription("CVSS V4.0 score.") - private List cvssMetricV40; - /** - * CVSS V3.1 score. - */ - @JsonProperty("cvssMetricV31") - @JsonPropertyDescription("CVSS V3.1 score.") - private List cvssMetricV31; - /** - * CVSS V3.0 score. - */ - @JsonProperty("cvssMetricV30") - @JsonPropertyDescription("CVSS V3.0 score.") - private List cvssMetricV30; - /** - * CVSS V2.0 score. - */ - @JsonProperty("cvssMetricV2") - @JsonPropertyDescription("CVSS V2.0 score.") - private List cvssMetricV2; - - public Metrics() { - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Metrics(List cvssMetricV40, List cvssMetricV31, List cvssMetricV30, - List cvssMetricV2) { - this.cvssMetricV40 = cvssMetricV40; - this.cvssMetricV31 = cvssMetricV31; - this.cvssMetricV30 = cvssMetricV30; - this.cvssMetricV2 = cvssMetricV2; - } - - /** - * CVSS V4.0 score. - * - * @return cvssMetricV40 - */ - @JsonProperty("cvssMetricV40") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getCvssMetricV40() { - return cvssMetricV40; - } - - /** - * CVSS V3.1 score. - * - * @return cvssMetricV31 - */ - @JsonProperty("cvssMetricV31") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getCvssMetricV31() { - return cvssMetricV31; - } - - /** - * CVSS V3.0 score. - * - * @return cvssMetricV30 - */ - @JsonProperty("cvssMetricV30") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getCvssMetricV30() { - return cvssMetricV30; - } - - /** - * CVSS V2.0 score. - * - * @return cvssMetricV2 - */ - @JsonProperty("cvssMetricV2") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getCvssMetricV2() { - return cvssMetricV2; - } - - @Override - public String toString() { - return "Metrics{" + "cvssMetricV40=" + cvssMetricV40 + "cvssMetricV31=" + cvssMetricV31 + ", cvssMetricV30=" - + cvssMetricV30 + ", cvssMetricV2=" + cvssMetricV2 + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Metrics metrics = (Metrics) o; - return Objects.equals(cvssMetricV40, metrics.cvssMetricV40) - && Objects.equals(cvssMetricV31, metrics.cvssMetricV31) - && Objects.equals(cvssMetricV30, metrics.cvssMetricV30) - && Objects.equals(cvssMetricV2, metrics.cvssMetricV2); - } - - @Override - public int hashCode() { - return Objects.hash(cvssMetricV40, cvssMetricV31, cvssMetricV30, cvssMetricV2); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Node.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Node.java deleted file mode 100644 index 1d0d79c2..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Node.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import com.fasterxml.jackson.annotation.JsonValue; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Objects; - -/** - * Defines a configuration node in an NVD applicability statement. - */ -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"operator", "negate", "cpeMatch"}) -public class Node implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = 3573822908057141798L; - /** - * (Required) - */ - @JsonProperty("operator") - private Operator operator; - @JsonProperty("negate") - private Boolean negate; - /** - * (Required) - */ - @JsonProperty("cpeMatch") - private List cpeMatch; - - public Node() { - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Node(Operator operator, Boolean negate, List cpeMatch) { - this.operator = operator; - this.negate = negate; - this.cpeMatch = cpeMatch; - } - - /** - * (Required) - * - * @return operator - */ - @JsonProperty("operator") - public Operator getOperator() { - return operator; - } - - /** - * @return negate - */ - @JsonProperty("negate") - public Boolean getNegate() { - return negate; - } - - /** - * (Required) - * - * @return cpeMatch - */ - @JsonProperty("cpeMatch") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getCpeMatch() { - return cpeMatch; - } - - @Override - public String toString() { - return "Node{" + "operator=" + operator + ", negate=" + negate + ", cpeMatch=" + cpeMatch + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Node node = (Node) o; - return operator == node.operator && Objects.equals(negate, node.negate) - && Objects.equals(cpeMatch, node.cpeMatch); - } - - @Override - public int hashCode() { - return Objects.hash(operator, negate, cpeMatch); - } - - public enum Operator { - - AND("AND"), OR("OR"); - - private final static Map CONSTANTS = new HashMap<>(); - - static { - for (Operator c : values()) { - CONSTANTS.put(c.value, c); - } - } - - private final String value; - - Operator(String value) { - this.value = value; - } - - @JsonCreator - public static Operator fromValue(String value) { - Operator constant = CONSTANTS.get(value); - if (constant == null) { - throw new IllegalArgumentException(value); - } else { - return constant; - } - } - - @Override - public String toString() { - return this.value; - } - - @JsonValue - public String value() { - return this.value; - } - - } - -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiException.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiException.java deleted file mode 100644 index dbc84736..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiException.java +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -/** - * Exception thrown if there is a problem calling the NVD APIs. - * - * @author Jeremy Long - */ -public class NvdApiException extends RuntimeException { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -6730557637335641024L; - - /** - * Generate a new exception. - * - * @param message the message - */ - public NvdApiException(String message) { - super(message); - } - - /** - * Generate a new exception. - * - * @param message the message - * @param cause the cause - */ - public NvdApiException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Generate a new exception. - * - * @param cause the cause - */ - public NvdApiException(Throwable cause) { - super(cause); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryExceededException.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryExceededException.java deleted file mode 100644 index 70ce07ec..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryExceededException.java +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -/** - * Exception thrown if there is a problem calling the NVD APIs too many times for a single set of data. - * - * @author Jeremy Long - */ -public class NvdApiRetryExceededException extends RuntimeException { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -8352647741306381271L; - - /** - * Generate a new exception. - * - * @param message the message - */ - public NvdApiRetryExceededException(String message) { - super(message); - } - - /** - * Generate a new exception. - * - * @param message the message - * @param cause the cause - */ - public NvdApiRetryExceededException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Generate a new exception. - * - * @param cause the cause - */ - public NvdApiRetryExceededException(Throwable cause) { - super(cause); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryStrategy.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryStrategy.java deleted file mode 100644 index 27b1eda9..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdApiRetryStrategy.java +++ /dev/null @@ -1,148 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import org.apache.hc.client5.http.impl.DefaultHttpRequestRetryStrategy; -import org.apache.hc.client5.http.utils.DateUtils; -import org.apache.hc.core5.http.Header; -import org.apache.hc.core5.http.HttpHeaders; -import org.apache.hc.core5.http.HttpRequest; -import org.apache.hc.core5.http.HttpResponse; -import org.apache.hc.core5.http.protocol.HttpContext; -import org.apache.hc.core5.util.TimeValue; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.annotation.Nonnull; -import java.io.IOException; -import java.time.Instant; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.concurrent.TimeUnit; - -/** - * Implements a back-off delay retry strategy that honors the retry-after header. - */ -public class NvdApiRetryStrategy extends DefaultHttpRequestRetryStrategy { - - /** - * Reference to the logger. - */ - private static final Logger LOG = LoggerFactory.getLogger(NvdApiRetryStrategy.class); - - /** - * Maximum number of allowed retries. - */ - private final int maxRetries; - - /** - * Retry interval between subsequent retries in milliseconds. - */ - private final long delay; - - private static final String RETRY_MESSAGE_TEMPLATE = "NVD API request failures are occurring; retrying request for the {} time"; - - public NvdApiRetryStrategy(int maxRetries, long delay) { - super(maxRetries, TimeValue.of(delay, TimeUnit.MILLISECONDS), new ArrayList<>(), - Arrays.asList(429, 502, 503, 504)); - this.maxRetries = maxRetries; - this.delay = delay; - } - - @Override - public boolean retryRequest(@Nonnull HttpRequest request, @Nonnull IOException exception, int execCount, - HttpContext context) { - logRetryState(request, exception, execCount); - return super.retryRequest(request, exception, execCount, context); - } - - @Override - public boolean retryRequest(HttpResponse response, int execCount, HttpContext context) { - if (execCount >= (maxRetries / 2)) { - LOG.warn(RETRY_MESSAGE_TEMPLATE, toOrdinal(execCount)); - } else if (execCount > 1) { - LOG.debug("Retrying request {} time", toOrdinal(execCount)); - } - return super.retryRequest(response, execCount, context); - } - - private void logRetryState(@Nonnull HttpRequest request, @Nonnull IOException exception, int execCount) { - if (execCount >= (maxRetries / 2)) { - LOG.warn(RETRY_MESSAGE_TEMPLATE, toOrdinal(execCount)); - if (LOG.isDebugEnabled()) { - LOG.debug("NVD API request failures with exception : {}. Message: {}", exception.getClass().getName(), - exception.getMessage()); - } - } else if (execCount > 1) { - LOG.warn("Retrying request {} : {} time", request.getRequestUri(), toOrdinal(execCount)); - if (LOG.isDebugEnabled()) { - LOG.debug("Retrying request with exception {}. Message: {}", exception.getClass().getName(), - exception.getMessage()); - } - } - } - - @Override - public TimeValue getRetryInterval(final HttpResponse response, final int execCount, final HttpContext context) { - TimeValue value; - if (execCount < maxRetries / 2) { - value = TimeValue.of(delay * execCount, TimeUnit.MILLISECONDS); - } else { - value = TimeValue.of(delay * execCount / 2, TimeUnit.MILLISECONDS); - } - LOG.debug("Calculated retry interval in {} ms with execCount of {}", value.toMilliseconds(), execCount); - // check retry after header - final Header header = response.getFirstHeader(HttpHeaders.RETRY_AFTER); - if (header != null) { - TimeValue retryAfter = null; - final String headerValue = header.getValue(); - try { - retryAfter = TimeValue.ofSeconds(Long.parseLong(headerValue)); - LOG.debug("Retry-After header value: {} ms", retryAfter.toMilliseconds()); - } catch (final NumberFormatException ignore) { - final Instant retryAfterDate = DateUtils.parseStandardDate(headerValue); - if (retryAfterDate != null) { - retryAfter = TimeValue.ofMilliseconds(retryAfterDate.toEpochMilli() - System.currentTimeMillis()); - LOG.debug("Failed to parse value; Retry-After header value: {} ms", retryAfter.toMilliseconds()); - } - } - if (TimeValue.isPositive(retryAfter) && retryAfter.compareTo(value) < 0) { - LOG.debug("Using Retry-After header value: {} ms", retryAfter.toMilliseconds()); - return retryAfter; - } - } - LOG.debug("Using calculated retry interval: {} ms", value.toMilliseconds()); - return value; - } - - /** - * Converts a number to an ordinal string. - * @param number the number to convert - * @return the ordinal string - */ - public static String toOrdinal(int number) { - String[] suffixes = new String[]{"th", "st", "nd", "rd", "th", "th", "th", "th", "th", "th"}; - switch (number % 100) { - case 11: - case 12: - case 13: - return number + "th"; - default: - return number + suffixes[number % 10]; - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClient.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClient.java deleted file mode 100644 index d9912514..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClient.java +++ /dev/null @@ -1,548 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import io.github.jeremylong.openvulnerability.client.HttpAsyncClientSupplier; -import io.github.jeremylong.openvulnerability.client.PagedDataSource; -import org.apache.hc.client5.http.async.methods.SimpleHttpRequest; -import org.apache.hc.client5.http.async.methods.SimpleHttpResponse; -import org.apache.hc.client5.http.async.methods.SimpleRequestBuilder; -import org.apache.hc.core5.http.Header; -import org.apache.hc.core5.http.NameValuePair; -import org.apache.hc.core5.net.URIBuilder; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.IOException; -import java.net.URI; -import java.net.URISyntaxException; -import java.nio.charset.StandardCharsets; -import java.time.ZonedDateTime; -import java.util.ArrayList; -import java.util.Collection; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; -import java.util.concurrent.ExecutionException; -import java.util.concurrent.Future; - -/** - * A simple client for the NVD CVE API. Use the NvdCveClientBuilder with the desired filters to build the client and - * then iterate over the results: - * - * 

- * try (NvdCveClient api = NvdCveClientBuilder.aNvdCveApi().build()) {
- *     while (api.hasNext()) {
- *         Collection<DefCveItem> items = api.next();
- *     }
- * }
- *
- * - * @author Jeremy Long - * @see NVD CVE API - */ -public class NvdCveClient implements PagedDataSource { - - /** - * Reference to the logger. - */ - private static final Logger LOG = LoggerFactory.getLogger(NvdCveClient.class); - /** - * The default endpoint for the NVD CVE API. - */ - private final static String DEFAULT_ENDPOINT = "https://services.nvd.nist.gov/rest/json/cves/2.0"; - /** - * The header name for the NVD API Key. - */ - private static final String API_KEY_NAME = "apiKey"; - /** - * The NVD API key; can be null if a key is not used. - */ - private final String apiKey; - /** - * The NVD API endpoint used to call the NVD CVE API. - */ - private final String endpoint; - /** - * Jackson object mapper. - */ - private final ObjectMapper objectMapper; - /** - * The user agent to append to the default open-vulnerability-client's user-agent string - */ - private final String userAgent; - /** - * The rate limited HTTP client for calling the NVD APIs. - */ - private List clients; - /** - * The list of future responses. - */ - private final List> futures = new ArrayList<>(); - /** - * The map of indexes to retrieve from the NVD and their retry count. This is used to retry when failures have - * occurred on a single index. - */ - private final Map indexesToRetrieve = new HashMap<>(); - /** - * Flag indicating if the first call has been made. - */ - private boolean firstCall = true; - /** - * The number of results per page. - */ - private int resultsPerPage = 2000; - /** - * The total results from the NVD CVE API call. - */ - private int totalAvailable = -1; - /** - * The maximum number of pages to retrieve from the NVD API. - */ - private final int maxPageCount; - /** - * A list of filters to apply to the request. - */ - private List filters; - /** - * The last HTTP Status Code returned by the API. - */ - private int lastStatusCode = 200; - /** - * The last lastModified timestamp from the NVD data processed. - */ - private ZonedDateTime lastUpdated = null; - /** - * The version of the client. - */ - private String version = "unknown"; - - /** - * Constructs a new NVD CVE API client. - * - * @param apiKey the api key; can be null - * @param endpoint the endpoint for the NVD CVE API; if null the default endpoint is used - * @param threadCount the number of threads to use when calling the NVD API. - * @param maxPageCount the maximum number of pages to retrieve from the NVD API. - */ - NvdCveClient(String apiKey, String endpoint, int threadCount, int maxPageCount) { - this(apiKey, endpoint, 0, threadCount, maxPageCount, 10, null); - } - - /** - * Constructs a new NVD CVE API client. - * - * @param apiKey the api key; can be null - * @param endpoint the endpoint for the NVD CVE API; if null the default endpoint is used - * @param threadCount the number of threads to use when calling the NVD API. - * @param maxPageCount the maximum number of pages to retrieve from the NVD API. - * @param maxRetryCount the maximum number of retries for 503 and 429 status code responses. - */ - NvdCveClient(String apiKey, String endpoint, int threadCount, int maxPageCount, int maxRetryCount) { - this(apiKey, endpoint, 0, threadCount, maxPageCount, maxRetryCount, null); - } - - /** - * Constructs a new NVD CVE API client. - * - * @param apiKey the api key; can be null - * @param endpoint the endpoint for the NVD CVE API; if null the default endpoint is used - * @param delay the delay in milliseconds between API calls on a single thread. - * @param threadCount the number of threads to use when calling the NVD API. - * @param maxPageCount the maximum number of pages to retrieve from the NVD API. - * @param maxRetryCount the maximum number of retries for 503 and 429 status code responses. - * @param httpClientSupplier supplier for custom HTTP clients; if {@code null} a default client will be used - */ - NvdCveClient(String apiKey, String endpoint, long delay, int threadCount, int maxPageCount, int maxRetryCount, - HttpAsyncClientSupplier httpClientSupplier) { - this(apiKey, endpoint, delay, threadCount, maxPageCount, maxRetryCount, httpClientSupplier, null); - } - - /** - * Constructs a new NVD CVE API client. - * - * @param apiKey the api key; can be null - * @param endpoint the endpoint for the NVD CVE API; if null the default endpoint is used - * @param delay the delay in milliseconds between API calls on a single thread. - * @param threadCount the number of threads to use when calling the NVD API. - * @param maxPageCount the maximum number of pages to retrieve from the NVD API. - * @param maxRetryCount the maximum number of retries for 503 and 429 status code responses. - * @param httpClientSupplier supplier for custom HTTP clients; if {@code null} a default client will be used - * @param userAgent the user agent to append to the default open-vulnerability-client's user-agent string - */ - NvdCveClient(String apiKey, String endpoint, long delay, int threadCount, int maxPageCount, int maxRetryCount, - HttpAsyncClientSupplier httpClientSupplier, String userAgent) { - - this.apiKey = apiKey; - this.userAgent = userAgent; - if (endpoint == null) { - this.endpoint = DEFAULT_ENDPOINT; - } else { - this.endpoint = endpoint; - } - if (threadCount <= 0) { - threadCount = 1; - } - this.maxPageCount = maxPageCount; - // configure the rate limit slightly higher than the published limits: - // https://nvd.nist.gov/developers/start-here (see Rate Limits) - - RateMeter meter; - if (apiKey == null) { - if (threadCount > 1) { - LOG.warn( - "No api key provided; as such the thread count has been reset to 1 instead of the requested {}", - threadCount); - threadCount = 1; - } - meter = new RateMeter(5, 32500); - } else { - meter = new RateMeter(50, 32500); - } - clients = new ArrayList<>(threadCount); - if (delay == 0) { - delay = apiKey == null ? 6500 : 600; - } - for (int i = 0; i < threadCount; i++) { - clients.add(new RateLimitedClient(maxRetryCount, delay, meter, httpClientSupplier)); - } - objectMapper = new ObjectMapper(); - objectMapper.registerModule(new JavaTimeModule()); - - try { - Properties props = new Properties(); - props.load(getClass().getClassLoader().getResourceAsStream("version.properties")); - version = props.getProperty("version"); - } catch (IOException e) { - LOG.debug("Error loading version.properties", e); - } - } - - /** - * Set the filter parameters for the NVD CVE API calls. - * - * @param filters the list of parameters used to filter the results in the API call - */ - void setFilters(List filters) { - this.filters = filters; - } - - /** - * The number of results per page; the default is 2000. - * - * @param resultsPerPage the number of results per page - */ - void setResultsPerPage(int resultsPerPage) { - this.resultsPerPage = resultsPerPage; - } - - /** - * Returns the last HTTP Status Code. - * - * @return the last HTTP Status Code - */ - public int getLastStatusCode() { - return lastStatusCode; - } - - /** - * Only available after the first call to `next()`; returns the total number of records that will be returned. - * - * @return the total number of records that will be returned - */ - @Override - public int getTotalAvailable() { - return totalAvailable; - } - - /** - * Asynchronously calls the NVD CVE API. - * - * @param startIndex the start index to request - * @return the future - * @throws NvdApiException thrown if there is a problem calling the API - */ - private Future callApi(int clientIndex, int startIndex) throws NvdApiException { - try { - URIBuilder uriBuilder = new URIBuilder(endpoint); - if (filters != null) { - uriBuilder.addParameters(filters); - } - uriBuilder.addParameter("resultsPerPage", Integer.toString(resultsPerPage)); - uriBuilder.addParameter("startIndex", Integer.toString(startIndex)); - final SimpleRequestBuilder builder = SimpleRequestBuilder.get(); - if (apiKey != null) { - builder.addHeader(API_KEY_NAME, apiKey); - } - String ua = "open-vulnerability-client/" + version; - if (userAgent != null) { - ua += "; " + userAgent; - } - builder.addHeader("User-Agent", ua); - URI uri = uriBuilder.build(); - LOG.debug("requesting URI: {}", uri.toString()); - final SimpleHttpRequest request = builder.setUri(uri).build(); - return clients.get(clientIndex).execute(request, clientIndex, startIndex); - } catch (URISyntaxException e) { - throw new NvdApiException(e); - } - } - - @Override - public void close() { - indexesToRetrieve.clear(); - if (futures.size() > 0) { - for (Future future : futures) { - if (!future.isDone()) { - future.cancel(true); - } - } - futures.clear(); - } - if (clients != null) { - for (RateLimitedClient client : clients) { - try { - client.close(); - } catch (Exception ex) { - LOG.debug("Error closing client during `close`", ex); - } - } - clients = null; - } - } - - @Override - public boolean hasNext() { - if (lastStatusCode != 200) { - return false; - } - if (firstCall) { - return true; - } - if (futures.isEmpty() && !indexesToRetrieve.isEmpty()) { - queueUnsuccessful(); - } - return !futures.isEmpty(); - } - - /** - *

- * Retrieves the next entry. Note that even if `hasNext()` returns true it is possible that `next()` will return - * null. This will generally only occur on the very first call. - *

- * - * @return the next collection of CVE entries - */ - @Override - public Collection next() { - return _next(0); - } - - private Collection _next(int retryCount) { - if (retryCount > 5) { - throw new NvdApiRetryExceededException( - "NVD Update Failed: attempted to retrieve data from the NVD unsuccessfully five times."); - } - if (firstCall) { - futures.add(callApi(0, 0)); - } - String json; - RateLimitedCall call; - try { - call = getCompletedFuture(); - if (call == null) { - if (hasNext()) { - return _next(retryCount + 1); - } - } else { - SimpleHttpResponse response = call.getResponse(); - if (response.getCode() == 200) { - LOG.debug("Content-Type Received: {}", response.getContentType()); - json = new String(response.getBodyBytes(), StandardCharsets.UTF_8); - - CveApiJson20 current; - try { - current = objectMapper.readValue(json, CveApiJson20.class); - this.indexesToRetrieve.remove(call.getStartIndex()); - } catch (JsonMappingException e) { - LOG.debug("Error parsing NVD data", e); - // Fail fast on JSON parsing errors - throw new NvdApiException("Failed to parse NVD data", e); - } catch (JsonProcessingException e) { - LOG.debug("Error processing NVD data", e); - // Re-try on what might be temporarily streaming errors - return _next(retryCount + 1); - } - this.totalAvailable = current.getTotalResults(); - lastUpdated = findLastUpdated(lastUpdated, current.getVulnerabilities()); - if (firstCall) { - firstCall = false; - queueCalls(); - } - if (futures.isEmpty() && !indexesToRetrieve.isEmpty()) { - queueUnsuccessful(); - } - return current.getVulnerabilities(); - } else { - lastStatusCode = response.getCode(); - LOG.debug("Status Code: {}", lastStatusCode); - LOG.debug("Reason: {}", response.getReasonPhrase()); - LOG.debug("Response Headers:"); - Header[] headers = response.getHeaders(); - String msg = null; - for (Header header : headers) { - LOG.debug("Key : " + header.getName() + " ,Value : " + header.getValue()); - if ("message".equals(header.getName())) { - msg = header.getValue(); - } - } - LOG.debug("Response: {}", new String(response.getBodyBytes(), StandardCharsets.UTF_8)); - if (msg != null) { - msg = msg.trim(); - if (msg.contains("Invalid apiKey")) { - if (this.apiKey.length() > 30) { - String masked = String.format("Invalid API Key: %s-*****-%s", - this.apiKey.substring(0, 5), - this.apiKey.substring(this.apiKey.length() - 5, this.apiKey.length())); - throw new NvdApiException(masked); - } - String masked = String.format("Invalid API Key: %s-*****", this.apiKey.substring(0, 5)); - throw new NvdApiException(masked); - } else if (msg.startsWith("resultsPerPage parameter cannot exceed")) { - this.resultsPerPage = parseResultsPerPage(msg); - LOG.warn(msg); - LOG.warn("NVD requested a lower resultsPerPage; settings to {}", this.resultsPerPage); - return _next(retryCount + 1); - } - throw new NvdApiException("NVD Returned Status Code: " + lastStatusCode + " - " + msg); - } - throw new NvdApiException("NVD Returned Status Code: " + lastStatusCode); - } - } - } catch (InterruptedException e) { - Thread.currentThread().interrupt(); - close(); - throw new NvdApiException(e); - } catch (ExecutionException e) { - // in rare cases we get an error from the NVD - log the error and only fail if we retry too many times - LOG.debug("Error retrieving the NVD data", e); - if (hasNext()) { - return _next(retryCount + 1); - } - close(); - } - return null; - } - - /** - * Attempts to parse the resultsPerPage error message to determine the maximum number of results per page. - * @param msg the error message from the NVD - * @return the parsed results per page if succesful; otherwise the previously confiuged results per page - */ - protected int parseResultsPerPage(String msg) { - String value = msg; - if (value.endsWith(".")) { - value = value.substring(0, value.length() - 1); - } - value = value.substring(msg.lastIndexOf(" ") + 1); - try { - return Integer.parseInt(value); - } catch (NumberFormatException e) { - LOG.debug("Error parsing " + msg, e); - } - return resultsPerPage; - } - - /** - * Retrieve the latest last updated date from the list of vulnerabilities. - * - * @param lastUpdated the last updated date. - * @param list the list of vulnerabilities. - * @return the latest last modified date. - */ - private ZonedDateTime findLastUpdated(ZonedDateTime lastUpdated, List list) { - ZonedDateTime current = lastUpdated; - for (DefCveItem item : list) { - if (current == null || current.compareTo(item.getCve().getLastModified()) < 0) { - current = item.getCve().getLastModified(); - } - } - return current; - } - - @Override - public ZonedDateTime getLastUpdated() { - return lastUpdated; - } - - private RateLimitedCall getCompletedFuture() throws InterruptedException, ExecutionException { - Future result = null; - while (result == null && !futures.isEmpty()) { - for (Future future : futures) { - if (future.isDone()) { - result = future; - break; - } - } - if (result == null) { - Thread.sleep(500); - } - } - if (result != null) { - futures.remove(result); - return result.get(); - } - return null; - } - - private void queueUnsuccessful() { - int clientIndex = 0; - for (Map.Entry i : indexesToRetrieve.entrySet()) { - if (i.getValue() > 5) { - throw new NvdApiRetryExceededException("NVD Update Failed: attempted to retrieve starting index " - + i.getKey() + " from the NVD unsuccessfully five times."); - } - i.setValue(i.getValue() + 1); - futures.add(callApi(clientIndex, i.getKey())); - clientIndex += 1; - if (clientIndex >= clients.size()) { - clientIndex = 0; - } - } - } - - private void queueCalls() { - int clientIndex = 0; - int pageCount = 1; - // start at results per page - as 0 was already requested - for (int i = resultsPerPage; (maxPageCount <= 0 || pageCount < maxPageCount) - && i < totalAvailable; i += resultsPerPage) { - indexesToRetrieve.put(i, 0); - futures.add(callApi(clientIndex, i)); - pageCount += 1; - clientIndex += 1; - if (clientIndex >= clients.size()) { - clientIndex = 0; - } - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientBuilder.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientBuilder.java deleted file mode 100644 index 51b98e77..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientBuilder.java +++ /dev/null @@ -1,589 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import io.github.jeremylong.openvulnerability.client.HttpAsyncClientSupplier; -import org.apache.hc.core5.http.NameValuePair; -import org.apache.hc.core5.http.message.BasicNameValuePair; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.time.ZonedDateTime; -import java.time.format.DateTimeFormatter; -import java.util.ArrayList; -import java.util.List; - -/** - * Used to build an NVD CVE API client. As the NvdCveClient client is autocloseable the builder should be used in a try - * with resources: - * - * 
- * try (NvdCveClient api = NvdCveClientBuilder.aNvdCveApi().build()) {
- *     while (api.hasNext()) {
- *         Collection<DefCveItem> items = api.next();
- *     }
- * }
- *
- */ -public final class NvdCveClientBuilder { - - /** - * Reference to the logger. - */ - private static final Logger LOG = LoggerFactory.getLogger(NvdCveClientBuilder.class); - /** - * A list of filters to apply to the request. - */ - private final List filters = new ArrayList<>(); - /** - * The NVD CVE API key. - */ - private String apiKey; - /** - * The endpoint for the NVD CVE API. - */ - private String endpoint; - /** - * The number of results per page. - */ - private int resultsPerPage; - /** - * The minimum delay between API calls in milliseconds. - */ - private long delay; - /** - * The maximum number of retries for 503 and 429 responses from the NVD. - */ - private int maxRetryCount = 10; - /** - * The number of threads to use when calling the NVD API. - */ - private int threadCount = 1; - /** - * The maximum number of pages to retrieve from the NVD API. - */ - private int maxPageCount = 0; - private HttpAsyncClientSupplier httpClientSupplier; - /** - * The user agent to append to the default open-vulnerability-client's user-agent string - */ - private String userAgent; - - /** - * Private constructor for a builder. - */ - private NvdCveClientBuilder() { - } - - /** - * Begin building the NVD CVE API Object. - * - * @return the builder - */ - public static NvdCveClientBuilder aNvdCveApi() { - return new NvdCveClientBuilder(); - } - - /** - * Use an NVD CVE API key. - * - * @param apiKey the NVD CVE API key. - * @return the builder - * @see NVD CVE API Request an API Key - */ - public NvdCveClientBuilder withApiKey(String apiKey) { - this.apiKey = apiKey; - return this; - } - - /** - * Use an alternative endpoint for the NVD CVE API. - * - * @param endpoint the endpoint for the NVD CVE API - * @return the builder - */ - public NvdCveClientBuilder withEndpoint(String endpoint) { - this.endpoint = endpoint; - return this; - } - - /** - * Use a minimum delay in milliseconds between API calls; useful if you run into issues with rate limiting. - * - * @param milliseconds the minimum number of milliseconds between API calls to the NVD CVE API - * @return the builder - */ - public NvdCveClientBuilder withDelay(long milliseconds) { - this.delay = milliseconds; - return this; - } - - /** - * Set the maximum number of retries for 503 and 429 responses from the NVD; default is 10. - * - * @param maxRetryCount the maximum number of retries for 503 and 429 responses from the NVD. - * @return the builder - */ - public NvdCveClientBuilder withMaxRetryCount(int maxRetryCount) { - this.maxRetryCount = maxRetryCount; - return this; - } - - /** - * Set the number of threads to use when calling the NVD API. - * - * @param count the number of threads to use when calling the NVD API - * @return the builder - */ - public NvdCveClientBuilder withThreadCount(int count) { - this.threadCount = count; - return this; - } - - /** - * Set the maximum number of pages to retrieve from the NVD API. - * - * @param count the maximum number of pages to retrieve from the NVD API - * @return the builder - */ - public NvdCveClientBuilder withMaxPageCount(int count) { - this.maxPageCount = count; - return this; - } - - /** - * Use a specific number of results per page. Value must be between 1 and 2000. The default value is 2000. - * - * @param resultsPerPage the number of results per page - * @return the builder - */ - public NvdCveClientBuilder withResultsPerPage(int resultsPerPage) { - if (resultsPerPage > 0 && resultsPerPage <= 2000) { - this.resultsPerPage = resultsPerPage; - } else { - LOG.warn("Invalid results per page - must be between 1 and 2000: {}", resultsPerPage); - } - return this; - } - - /** - * Add a querystring parameter to filter the call to the NVD CVE API. - * - * @param filter the querystring parameter - * @param value the querystring parameter value - * @return the builder - */ - public NvdCveClientBuilder withFilter(String filter, String value) { - filters.add(new BasicNameValuePair(filter, value)); - return this; - } - - /** - * Add a querystring parameter to filter the call to the NVD CVE API. - * - * @param filter the querystring parameter - * @param value the querystring parameter value - * @return the builder - */ - public NvdCveClientBuilder withFilter(Filter filter, String value) { - filters.add(new BasicNameValuePair(filter.toParameterName(), value)); - return this; - } - - /** - * Add a querystring parameter to filter the call to the NVD CVE API. - * - * @param filter the querystring parameter - * @return the builder - */ - public NvdCveClientBuilder withFilter(BooleanFilter filter) { - filters.add(new BasicNameValuePair(filter.toParameterName(), null)); - return this; - } - - /** - * Use a range of no more than 120 days on the last modified dates to filter the results. The ZonedDateTime objects - * must be set to UTC. - * - * @param utcStartDate the UTC date time for the range start - * @param utcEndDate the UTC date time for the range end - * @return the builder - */ - public NvdCveClientBuilder withLastModifiedFilter(ZonedDateTime utcStartDate, ZonedDateTime utcEndDate) { - DateTimeFormatter dtf = DateTimeFormatter.ofPattern("uuuu-MM-dd'T'HH:mm:ssX"); - filters.add(new BasicNameValuePair("lastModStartDate", utcStartDate.format(dtf))); - filters.add(new BasicNameValuePair("lastModEndDate", utcEndDate.format(dtf))); - return this; - } - - /** - * Use an additional identifier as part of the User-Agent when making requests. - * - * @param userAgent the user agent string to append - * @return the builder - */ - public NvdCveClientBuilder withAdditionalUserAgent(String userAgent) { - this.userAgent = userAgent; - return this; - } - - /** - * Filter the results with a range of published date times. The ZonedDateTime objects must be set to UTC. - * - * @param utcStartDate the UTC date time for the range start - * @param utcEndDate the UTC date time for the range end - * @return the builder - */ - public NvdCveClientBuilder withPublishedDateFilter(ZonedDateTime utcStartDate, ZonedDateTime utcEndDate) { - DateTimeFormatter dtf = DateTimeFormatter.ofPattern("uuuu-MM-dd'T'HH:mm:ssX"); - filters.add(new BasicNameValuePair("pubStartDate", utcStartDate.format(dtf))); - filters.add(new BasicNameValuePair("pubEndDate", utcEndDate.format(dtf))); - return this; - } - - /** - * Filter the results for a specific CVSS V2 Severity. - * - * @param severity the severity - * @return the builder - */ - public NvdCveClientBuilder withCvssV2SeverityFilter(CvssV2Severity severity) { - withFilter("cvssV2Severity", severity.toString()); - return this; - } - - /** - * Filter the results for a specific CVSS V3 Severity. - * - * @param severity the severity - * @return the builder - */ - public NvdCveClientBuilder withCvssV3SeverityFilter(CvssV3Severity severity) { - withFilter("cvssV3Severity", severity.toString()); - return this; - } - - /** - * This parameter filters CVE more broadly than cpeName. The exact value of {cpe match string} is compared against - * the CPE Match Criteria present on CVE applicability statements. - * - * @param virtualMatchString virtual matching CPE - * @return the builder - * @see cves-virtualMatchString - */ - public NvdCveClientBuilder withVirtualMatchString(String virtualMatchString) { - withFilter("virtualMatchString", virtualMatchString); - return this; - } - - /** - * The virtualMatchString parameter may be combined with versionStart and versionStartType to return only the CVEs - * associated with CPEs in specific version ranges. - * - * @param versionStart the version start - * @return the builder - * @see cves-versionStart - */ - public NvdCveClientBuilder withVersionStart(String versionStart) { - withFilter("versionStart", versionStart); - return this; - } - - /** - * The virtualMatchString parameter may be combined with versionStart and versionStartType to return only the CVEs - * associated with CPEs in specific version ranges. - * - * @param versionStart the version start - * @param startType including or excluding - * @return the builder - * @see cves-versionStart - */ - public NvdCveClientBuilder withVersionStart(String versionStart, VersionType startType) { - withFilter("versionStart", versionStart); - withFilter("versionStartType", startType.toString().toLowerCase()); - return this; - } - - /** - * The virtualMatchString parameter may be combined with versionEnd and versionEndType to return only the CVEs - * associated with CPEs in specific version ranges. - * - * @param versionEnd the version end - * @return the builder - * @see cves-versionEnd - */ - public NvdCveClientBuilder withVersionEnd(String versionEnd) { - withFilter("versionEnd", versionEnd); - return this; - } - - /** - * The virtualMatchString parameter may be combined with versionEnd and versionEndType to return only the CVEs - * associated with CPEs in specific version ranges. - * - * @param versionEnd the version end - * @param endType including or excluding - * @return the builder - * @see cves-versionEnd - */ - public NvdCveClientBuilder withVersionEnd(String versionEnd, VersionType endType) { - withFilter("versionEnd", versionEnd); - withFilter("versionEndType", endType.toString().toLowerCase()); - return this; - } - - /** - * Provide a supplier for custom HTTP clients. - *

- * Note that {@link #withDelay(long)} and {@link #withMaxRetryCount(int)} have no effect when a custom - * {@link HttpAsyncClientSupplier} is provided. Instead, clients created by the supplier should be configured to use - * {@link NvdApiRetryStrategy} with the desired delay and retry count values. - * - * @param httpClientSupplier supplier for custom HTTP clients; if {@code null} a default client will be used - * @return the builder - */ - public NvdCveClientBuilder withHttpClientSupplier(final HttpAsyncClientSupplier httpClientSupplier) { - this.httpClientSupplier = httpClientSupplier; - return this; - } - - /** - * Build the NVD CVE API client. - * - * @return the NVD CVE API client - */ - public NvdCveClient build() { - NvdCveClient client = new NvdCveClient(apiKey, endpoint, delay, threadCount, maxPageCount, maxRetryCount, - httpClientSupplier, userAgent); - if (!filters.isEmpty()) { - client.setFilters(filters); - } - if (resultsPerPage > 0) { - client.setResultsPerPage(resultsPerPage); - } - return client; - } - - public enum VersionType { - INCLUDING, EXCLUDING - } - - /** - * Parameters to the NVD CVE API used to filter the results. - */ - public enum Filter { - /** - * Returns the vulnerabilities associated with a specific CPE. - * - * 

-         * cpeName=cpe:2.3:a:apache:log4j:2.0:*:*:*:*:*:*:*
-         *
- * - * @see NVD CVE API - */ - CPE_NAME, - /** - * Returns a specific vulnerability. - * - * 
-         * cveId = CVE - 2021 - 44228
-         *
- * - * @see NVD CVE API - */ - CVE_ID, - /** - * Returns vulnerabilities that match a specific CVSS V2 Metric; full or partial vector strings may be used. - * - * 
-         * parameter: cvssV2Metrics=AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
-         *
- * - * @see NVD CVE API - */ - CVSS_V2_METRICS, - /** - * Returns vulnerabilities that match a specific CVSS V3 Metric; full or partial vector strings may be used. - * - * 
-         * cvssV3Metrics=AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
-         *
- * - * @see NVD CVE API - */ - CVSS_V3_METRICS, - /** - * Returns vulnerabilities that have a specific CWE. - * - * 
-         * cweId = CWE - 287
-         *
- * - * @see NVD CVE API - */ - CWE_ID, - /** - * Returns vulnerabilities that have an exact key word sequence in the description. - * - * 
-         * keywordExactMatch=exact words
-         *
- * - * @see NVD CVE API - */ - KEYWORD_EXACT_MATCH, - /** - * Returns vulnerabilities where all the keywords are in the description. - * - * 
-         * keywordSearch = words
-         *
- * - * @see NVD CVE API - */ - KEYWORD_SEARCH; - - /** - * Returns the API querystring parameter. - * - * @return the API querystring parameter - */ - public String toParameterName() { - switch (this) { - case CPE_NAME: - return "cpeName"; - case CVE_ID: - return "cveId"; - case CVSS_V2_METRICS: - return "cvssV2Metrics"; - case CVSS_V3_METRICS: - return "cvssV3Metrics"; - case CWE_ID: - return "cweId"; - case KEYWORD_EXACT_MATCH: - return "keywordExactMatch"; - case KEYWORD_SEARCH: - return "keywordSearch"; - } - return "unknown"; - } - } - - /** - * Filters for the NVD CVE API that are used without parameters. - */ - public enum BooleanFilter { - /** - * Returns vulnerabilities with have CERT alerts. - * - * 
-         * hasCertAlerts
-         *
- * - * @see NVD CVE API - */ - HAS_CERT_ALERTS, - /** - * Returns vulnerabilities with have CERT notes. - * - * 
-         * hasCertNotes
-         *
- * - * @see NVD CVE API - */ - HAS_CERT_NOTES, - /** - * Returns vulnerabilities with Known Exploited Vulnerabilities information. - * - * 
-         * hasKev
-         *
- * - * @see NVD CVE API - */ - HAS_KEV, - /** - * Returns vulnerabilities that have OVAL information. - * - * 
-         * hasOval
-         *
- * - * @see NVD CVE API - */ - HAS_OVAL, - /** - * Used in conjunction with the CPE Search and returns only those considered vulnerable. - * - * 
-         * isVulnerable
-         *
- * - * @see NVD CVE API - */ - IS_VULNERABLE, - /** - * Do not include rejected CVEs. - * - * 
-         * noRejected
-         *
- * - * @see NVD CVE API - */ - NO_REJECTED; - - /** - * Returns the API querystring parameter. - * - * @return the API querystring parameter - */ - public String toParameterName() { - switch (this) { - case HAS_CERT_ALERTS: - return "hasCertAlerts"; - case HAS_CERT_NOTES: - return "hasCertNotes"; - case HAS_KEV: - return "hasKev"; - case HAS_OVAL: - return "hasOval"; - case IS_VULNERABLE: - return "isVulnerable"; - case NO_REJECTED: - return "noRejected"; - } - return "unknown"; - } - } - - /** - * The CVSS V2 Severity. - */ - public enum CvssV2Severity { - LOW, MEDIUM, HIGH - } - - /** - * The CVSS V3 Severity. - */ - public enum CvssV3Severity { - LOW, MEDIUM, HIGH, CRITICAL - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedCall.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedCall.java deleted file mode 100644 index c4699945..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedCall.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import org.apache.hc.client5.http.async.methods.SimpleHttpResponse; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -public class RateLimitedCall { - private final SimpleHttpResponse response; - private final int clientIndex; - private final int startIndex; - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public RateLimitedCall(SimpleHttpResponse response, int clientIndex, int startIndex) { - this.response = response; - this.clientIndex = clientIndex; - this.startIndex = startIndex; - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public SimpleHttpResponse getResponse() { - return response; - } - - public int getClientIndex() { - return clientIndex; - } - - public int getStartIndex() { - return startIndex; - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedClient.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedClient.java deleted file mode 100644 index f758171e..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateLimitedClient.java +++ /dev/null @@ -1,236 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import io.github.jeremylong.openvulnerability.client.HttpAsyncClientSupplier; -import org.apache.hc.client5.http.async.methods.SimpleHttpRequest; -import org.apache.hc.client5.http.async.methods.SimpleHttpResponse; -import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient; -import org.apache.hc.client5.http.impl.async.HttpAsyncClients; -import org.apache.hc.client5.http.impl.routing.SystemDefaultRoutePlanner; -import org.apache.hc.core5.concurrent.FutureCallback; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.net.ProxySelector; -import java.time.LocalTime; -import java.time.ZonedDateTime; -import java.time.format.DateTimeFormatter; -import java.util.concurrent.ExecutionException; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; -import java.util.concurrent.Future; - -/** - * Rate limited client for use with a rate limited API. The client contains two mechanisms to control the rate: - *
    - *
  1. RateMeter - limits the number of calls over a given time period
    2. - *
  2. Delay - the minimum delay between calls
    3. - *
- *

- * The two mechanisms may appear redundant - but each have its purpose in making the calls as fast as can be done while - * being kind to the endpoint. If one is calling an endpoint, such as the NVD vulnerability API which is limited to 5 - * calls in 30 seconds without an API Key, to retrieve 4 page of data as quickly as possible you could set a smaller - * delay and still keep the Rate Meter to limit to 5 calls per 30 seconds. However, if you are retrieving a large number - * of pages you would want the delay to be slightly under the time period divided by the allowed number of calls (e.g., - * if we allowed 5 calls over 30 seconds we would use 30/5=6 seconds). - */ -class RateLimitedClient implements AutoCloseable { - - /** - * Reference to the logger. - */ - private final static Logger LOG = LoggerFactory.getLogger(SimpleFutureResponse.class); - /** - * The underlying Async Client. - */ - private final CloseableHttpAsyncClient client; - /** - * Executor service for async implementation. - */ - private final ExecutorService executor = Executors.newSingleThreadExecutor(); - /** - * The epoch time of the last request. - */ - private long lastRequest = 0; - /** - * The minimum delay in milliseconds between API calls. - */ - private long delay; - /** - * Rate limiting meter. - */ - private final RateMeter meter; - - /** - * Construct a rate limited client without a delay or limiters. - */ - RateLimitedClient() { - this(0, 0, 0); - } - - /** - * Construct a rate limited client with a given delay and request window configuration. This allows callers to - * configure 5 requests are allowed over a 30-second rolling window and we will delay at least 4 seconds between - * calls to help more evenly distribute the calls across the request window. - * - * @param minimumDelay the number of milliseconds to wait between API calls - * @param requestsCount the number of requests allowed during the rolling request window timespan - * @param requestWindowMilliseconds the rolling request window size in milliseconds - */ - RateLimitedClient(long minimumDelay, int requestsCount, long requestWindowMilliseconds) { - this(minimumDelay, - (requestsCount > 0 && requestWindowMilliseconds > 0) - ? new RateMeter(requestsCount, requestWindowMilliseconds) - : new RateMeter(100, 5)); - } - - /** - * Construct a rate limited client with a given delay and request window configuration. This allows callers to - * configure 5 requests are allowed over a 30-second rolling window and we will delay at least 4 seconds between - * calls to help more evenly distribute the calls across the request window. - * - * @param minimumDelay the number of milliseconds to wait between API calls - * @param meter the rate meter to limit the request rate - */ - RateLimitedClient(long minimumDelay, RateMeter meter) { - this(10, minimumDelay, meter, null); - } - - /** - * Construct a rate limited client with a given delay and request window configuration. This allows callers to - * configure 5 requests are allowed over a 30-second rolling window and we will delay at least 4 seconds between - * calls to help more evenly distribute the calls across the request window. - * - * @param maxRetries the maximum number of retry attemps - * @param minimumDelay the number of milliseconds to wait between API calls - * @param meter the rate meter to limit the request rate - * @param httpClientSupplier supplier for custom HTTP clients; if {@code null} a default client will be used - */ - RateLimitedClient(int maxRetries, long minimumDelay, RateMeter meter, HttpAsyncClientSupplier httpClientSupplier) { - this.meter = meter; - this.delay = minimumDelay; - LOG.debug("rate limited call delay: {}", delay); - if (httpClientSupplier == null) { - NvdApiRetryStrategy retryStrategy = new NvdApiRetryStrategy(maxRetries, minimumDelay); - SystemDefaultRoutePlanner planner = new SystemDefaultRoutePlanner(ProxySelector.getDefault()); - client = HttpAsyncClients.custom().setRoutePlanner(planner).setRetryStrategy(retryStrategy) - .useSystemProperties().build(); - } else { - client = httpClientSupplier.get(); - } - client.start(); - } - - @Override - public void close() throws Exception { - if (client != null) { - client.close(); - } - executor.shutdown(); - } - - /** - * Returns the delay between API calls in milliseconds. - * - * @return the delay between API calls in milliseconds - */ - public long getDelay() { - return delay; - } - - /** - * Sets the minimum delay between API calls. - * - * @param milliseconds the delay duration - */ - void setDelay(long milliseconds) { - this.delay = milliseconds; - LOG.debug("rate limited call delay: {}", delay); - } - - /** - * Ensures the minimum delay has passed since the last call and asynchronously calls the API. - * - * @param request the request - * @return the future response - */ - Future execute(SimpleHttpRequest request, int clientIndex, int startIndex) { - return executor.submit(() -> delayedExecute(request, clientIndex, startIndex)); - } - - /** - * Ensures the minimum delay has passed since the last call and calls the API. - * - * @param request the request - * @return the future response - * @throws ExecutionException thrown if there is an exception - * @throws InterruptedException thrown if interrupted - */ - private RateLimitedCall delayedExecute(SimpleHttpRequest request, int clientIndex, int startIndex) - throws ExecutionException, InterruptedException { - if (lastRequest > 0 && delay > 0) { - long now = ZonedDateTime.now().toInstant().toEpochMilli(); - long wait = delay - (now - lastRequest); - if (wait > 0) { - LOG.debug("Rate Limited API call - waiting for {}ms", wait); - Thread.sleep(wait); - } - } - try (RateMeter.Ticket t = meter.getTicket()) { - if (LOG.isDebugEnabled()) { - LocalTime time = LocalTime.now(); - DateTimeFormatter formatter = DateTimeFormatter.ofPattern("HH:mm:ss"); - LOG.debug("Requested At: {}; URI: {}", time.format(formatter), request.getRequestUri()); - } - Future f = client.execute(request, new SimpleFutureResponse()); - lastRequest = ZonedDateTime.now().toInstant().toEpochMilli(); - return new RateLimitedCall(f.get(), clientIndex, startIndex); - } catch (Exception e) { - if (e instanceof InterruptedException) { - throw (InterruptedException) e; - } else if (e instanceof ExecutionException) { - throw (ExecutionException) e; - } - throw new NvdApiException(e); - } - } - - /** - * Future response. - */ - static class SimpleFutureResponse implements FutureCallback { - /** - * Reference to the logger. - */ - private final Logger log = LoggerFactory.getLogger(SimpleFutureResponse.class); - - @Override - public void completed(SimpleHttpResponse result) { - } - - @Override - public void failed(Exception ex) { - log.debug("request failed", ex); - } - - @Override - public void cancelled() { - // do nothing - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeter.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeter.java deleted file mode 100644 index f223fc28..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeter.java +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.time.LocalTime; -import java.time.format.DateTimeFormatter; -import java.util.Objects; -import java.util.concurrent.BlockingQueue; -import java.util.concurrent.DelayQueue; -import java.util.concurrent.Delayed; -import java.util.concurrent.TimeUnit; - -/** - * A rate limiting meter that works by granting tickets. The tickets are closable - do not leak tickets. The tickets are - * auto-closable so should be granted in a try with resources: - * - * 

- * int duration = 30000;
- * int queueSize = 5;
- * RateMeter instance = new RateMeter(queueSize, duration);
- * try (RateMeter.Ticket t = instance.getTicket()) {
- *     // do something
- * }
- *
- */ -public class RateMeter { - /** - * Reference to the logger. - */ - private static final Logger LOG = LoggerFactory.getLogger(RateMeter.class); - private final BlockingQueue queue = new DelayQueue<>(); - private int quantity; - private long durationMilliseconds; - - /** - * Creates a new rate meter to limit how quickly an operation can take place. - * - * @param quantity the number of tickets available - * @param durationMilliseconds the duration of a ticket in milliseconds - */ - public RateMeter(int quantity, long durationMilliseconds) { - this.quantity = quantity; - this.durationMilliseconds = durationMilliseconds; - } - - /** - * Grants a ticket to proceed given the rate limit. Tickets are closable - do not leak tickets; remember to close - * them. - * - * @return a ticket - * @throws InterruptedException thrown if interrupted - */ - public synchronized Ticket getTicket() throws InterruptedException { - if (queue.size() >= quantity) { - Ticket ticket = queue.take(); - if (LOG.isDebugEnabled()) { - final DateTimeFormatter formatter = DateTimeFormatter.ofPattern("HH:mm:ss"); - final LocalTime time = LocalTime.now(); - LOG.debug("Ticket taken At: {}; count: {}", time.format(formatter), queue.size() + 1); - } - return ticket; - } - if (LOG.isDebugEnabled()) { - final DateTimeFormatter formatter = DateTimeFormatter.ofPattern("HH:mm:ss"); - final LocalTime time = LocalTime.now(); - LOG.debug("Ticket taken At: {}; count: {}; by {}", time.format(formatter), queue.size() + 1, - Thread.currentThread().getId()); - } - return new Ticket(this); - } - - synchronized void replaceTicket() throws InterruptedException { - if (queue.size() < quantity) { - queue.put(new Ticket(this)); - if (LOG.isDebugEnabled()) { - final DateTimeFormatter formatter = DateTimeFormatter.ofPattern("HH:mm:ss"); - final LocalTime time = LocalTime.now(); - LOG.debug("Ticket returned At: {}; count: {}; by {}", time.format(formatter), queue.size() + 1, - Thread.currentThread().getId()); - } - } - } - - public int getQuantity() { - return quantity; - } - - public void setQuantity(int quantity) { - this.quantity = quantity; - } - - public long getDurationMilliseconds() { - return durationMilliseconds; - } - - public void setDurationMilliseconds(long durationMilliseconds) { - this.durationMilliseconds = durationMilliseconds; - } - - public static class Ticket implements Delayed, AutoCloseable { - private final RateMeter meter; - private final long startTime; - - Ticket(RateMeter meter) { - this.meter = meter; - this.startTime = System.currentTimeMillis() + meter.getDurationMilliseconds(); - } - - @Override - public long getDelay(TimeUnit unit) { - long diff = startTime - System.currentTimeMillis(); - return unit.convert(diff, TimeUnit.MILLISECONDS); - } - - @Override - public int compareTo(Delayed o) { - return (int) (this.startTime - ((Ticket) o).startTime); - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Ticket ticket = (Ticket) o; - return startTime == ticket.startTime; - } - - @Override - public int hashCode() { - return Objects.hash(startTime); - } - - @Override - public void close() throws Exception { - meter.replaceTicket(); - } - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Reference.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Reference.java deleted file mode 100644 index 0d48455c..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Reference.java +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.List; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonPropertyOrder({"url", "source", "tags"}) -public class Reference implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -224192309845772254L; - /** - * (Required) - */ - @JsonProperty("url") - private String url; - @JsonProperty("source") - private String source; - @JsonProperty("tags") - private List tags; - - public Reference() { - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Reference(String url, String source, List tags) { - this.url = url; - this.source = source; - this.tags = tags; - } - - /** - * (Required) - * - * @return url - */ - @JsonProperty("url") - public String getUrl() { - return url; - } - - /** - * @return source - */ - @JsonProperty("source") - public String getSource() { - return source; - } - - /** - * @return tags - */ - @JsonProperty("tags") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getTags() { - return tags; - } - - @Override - public String toString() { - return "Reference{" + "url='" + url + '\'' + ", source='" + source + '\'' + ", tags=" + tags + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Reference reference = (Reference) o; - return Objects.equals(url, reference.url) && Objects.equals(source, reference.source) - && Objects.equals(tags, reference.tags); - } - - @Override - public int hashCode() { - return Objects.hash(url, source, tags); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/VendorComment.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/VendorComment.java deleted file mode 100644 index c8961d50..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/VendorComment.java +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonFormat; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; - -import java.io.Serializable; -import java.time.ZonedDateTime; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"organization", "comment", "lastModified"}) -public class VendorComment implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -5866678952379674377L; - /** - * (Required) - */ - @JsonProperty("organization") - private String organization; - /** - * (Required) - */ - @JsonProperty("comment") - private String comment; - /** - * (Required) - */ - @JsonProperty("lastModified") - // the below format is a hack/workaround due to some poorly formatted dates in the NVD data, the getter corrects the - // serialized format - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ss[.[SSSSSSSSS][SSSSSSSS][SSSSSSS][SSSSSS][SSSSS][SSSS][SSS][SS][S]]", timezone = "UTC") - private ZonedDateTime lastModified; - - public VendorComment() { - } - - public VendorComment(String organization, String comment, ZonedDateTime lastModified) { - this.organization = organization; - this.comment = comment; - this.lastModified = lastModified; - } - - /** - * (Required) - * - * @return organization - */ - @JsonProperty("organization") - public String getOrganization() { - return organization; - } - - /** - * (Required) - * - * @return comment - */ - @JsonProperty("comment") - public String getComment() { - return comment; - } - - /** - * (Required) - * - * @return lastModified - */ - @JsonProperty("lastModified") - @JsonFormat(pattern = "uuuu-MM-dd'T'HH:mm:ss.SSS", timezone = "UTC") - public ZonedDateTime getLastModified() { - return lastModified; - } - - @Override - public String toString() { - return "VendorComment{" + "organization='" + organization + '\'' + ", comment='" + comment + '\'' - + ", lastModified=" + lastModified + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - VendorComment that = (VendorComment) o; - return Objects.equals(organization, that.organization) && Objects.equals(comment, that.comment) - && Objects.equals(lastModified, that.lastModified); - } - - @Override - public int hashCode() { - return Objects.hash(organization, comment, lastModified); - } -} diff --git a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Weakness.java b/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Weakness.java deleted file mode 100644 index 9ba2b9d4..00000000 --- a/open-vulnerability-clients/src/main/java/io/github/jeremylong/openvulnerability/client/nvd/Weakness.java +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonPropertyOrder; -import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; - -import java.io.Serializable; -import java.util.List; -import java.util.Objects; - -@JsonInclude(JsonInclude.Include.NON_NULL) -@JsonPropertyOrder({"source", "type", "description"}) -public class Weakness implements Serializable { - - /** - * Serialization version UID. - */ - private static final long serialVersionUID = -6330752220797574809L; - /** - * (Required) - */ - @JsonProperty("source") - private String source; - /** - * (Required) - */ - @JsonProperty("type") - private String type; - /** - * (Required) - */ - @JsonProperty("description") - private List description; - - public Weakness() { - } - - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public Weakness(String source, String type, List description) { - this.source = source; - this.type = type; - this.description = description; - } - - /** - * (Required) - * - * @return source - */ - @JsonProperty("source") - public String getSource() { - return source; - } - - /** - * (Required) - * - * @return type - */ - @JsonProperty("type") - public String getType() { - return type; - } - - /** - * (Required) - * - * @return description - */ - @JsonProperty("description") - @SuppressFBWarnings(value = {"EI_EXPOSE_REP", - "EI_EXPOSE_REP2"}, justification = "I prefer to suppress these FindBugs warnings") - public List getDescription() { - return description; - } - - @Override - public String toString() { - return "Weakness{" + "source='" + source + '\'' + ", type='" + type + '\'' + ", description=" + description - + '}'; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - Weakness weakness = (Weakness) o; - return Objects.equals(source, weakness.source) && Objects.equals(type, weakness.type) - && Objects.equals(description, weakness.description); - } - - @Override - public int hashCode() { - return Objects.hash(source, type, description); - } -} diff --git a/open-vulnerability-clients/src/main/resources/json/cve-api-json-v2.2.0.schema b/open-vulnerability-clients/src/main/resources/json/cve-api-json-v2.2.0.schema deleted file mode 100644 index 1401ac2c..00000000 --- a/open-vulnerability-clients/src/main/resources/json/cve-api-json-v2.2.0.schema +++ /dev/null @@ -1,498 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for NVD Vulnerability Data API version 2.2.0", - "definitions": { - "def_cve_item": { - "properties": { - "cve": { - "$ref": "#/definitions/cve_item" - } - }, - "required": [ - "cve" - ], - "additionalProperties": false - }, - "cve_item": { - "type": "object", - "properties": { - "id": { - "$ref": "#/definitions/cve_id" - }, - "sourceIdentifier": { - "type": "string" - }, - "vulnStatus": { - "type": "string" - }, - "published": { - "type": "string", - "format": "date-time" - }, - "lastModified": { - "type": "string", - "format": "date-time" - }, - "evaluatorComment": { - "type": "string" - }, - "evaluatorSolution": { - "type": "string" - }, - "evaluatorImpact": { - "type": "string" - }, - "cisaExploitAdd": { - "type": "string", - "format": "date" - }, - "cisaActionDue": { - "type": "string", - "format": "date" - }, - "cisaRequiredAction": { - "type": "string" - }, - "cisaVulnerabilityName": { - "type": "string" - }, - "cveTags": { - "type": "array", - "items": [ - { - "type": "object", - "properties": { - "sourceIdentifier": { - "description": "The email address or UUID of the source that contributed the information", - "type": "string" - }, - "tags": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "unsupported-when-assigned", - "exclusively-hosted-service", - "disputed" - ] - } - } - } - } - ] - }, - "descriptions": { - "type": "array", - "minItems": 1, - "items": { - "$ref": "#/definitions/lang_string" - } - }, - "references": { - "type": "array", - "items": { - "$ref": "#/definitions/reference" - }, - "maxItems": 500, - "minItems": 0 - }, - "metrics": { - "description": "Metric scores for a vulnerability as found on NVD.", - "type": "object", - "properties": { - "cvssMetricV40": { - "description": "CVSS V4.0 score.", - "type": "array", - "items": { - "$ref": "#/definitions/cvss-v40" - } - }, - "cvssMetricV31": { - "description": "CVSS V3.1 score.", - "type": "array", - "items": { - "$ref": "#/definitions/cvss-v31" - } - }, - "cvssMetricV30": { - "description": "CVSS V3.0 score.", - "type": "array", - "items": { - "$ref": "#/definitions/cvss-v30" - } - }, - "cvssMetricV2": { - "description": "CVSS V2.0 score.", - "type": "array", - "items": { - "$ref": "#/definitions/cvss-v2" - } - } - } - }, - "weaknesses": { - "type": "array", - "items": { - "$ref": "#/definitions/weakness" - } - }, - "configurations": { - "type": "array", - "items": { - "$ref": "#/definitions/config" - } - }, - "vendorComments": { - "type": "array", - "items": { - "$ref": "#/definitions/vendorComment" - } - } - }, - "required": [ - "id", - "published", - "lastModified", - "references", - "descriptions" - ] - }, - "cvss-v2": { - "properties": { - "source": { - "type": "string" - }, - "type": { - "enum": [ - "Primary", - "Secondary" - ] - }, - "cvssData": { - "$ref": "https://csrc.nist.gov/schema/nvd/api/2.0/external/cvss-v2.0.json" - }, - "baseSeverity": { - "type": "string" - }, - "exploitabilityScore": { - "$ref": "#/definitions/def_subscore" - }, - "impactScore": { - "$ref": "#/definitions/def_subscore" - }, - "acInsufInfo": { - "type": "boolean" - }, - "obtainAllPrivilege": { - "type": "boolean" - }, - "obtainUserPrivilege": { - "type": "boolean" - }, - "obtainOtherPrivilege": { - "type": "boolean" - }, - "userInteractionRequired": { - "type": "boolean" - } - }, - "required": [ - "source", - "type", - "cvssData" - ], - "additionalProperties": false - }, - "cvss-v30": { - "properties": { - "source": { - "type": "string" - }, - "type": { - "enum": [ - "Primary", - "Secondary" - ] - }, - "cvssData": { - "$ref": "https://csrc.nist.gov/schema/nvd/api/2.0/external/cvss-v3.0.json" - }, - "exploitabilityScore": { - "$ref": "#/definitions/def_subscore" - }, - "impactScore": { - "$ref": "#/definitions/def_subscore" - } - }, - "required": [ - "source", - "type", - "cvssData" - ], - "additionalProperties": false - }, - "cvss-v31": { - "properties": { - "source": { - "type": "string" - }, - "type": { - "enum": [ - "Primary", - "Secondary" - ] - }, - "cvssData": { - "$ref": "https://csrc.nist.gov/schema/nvd/api/2.0/external/cvss-v3.1.json" - }, - "exploitabilityScore": { - "$ref": "#/definitions/def_subscore" - }, - "impactScore": { - "$ref": "#/definitions/def_subscore" - } - }, - "required": [ - "source", - "type", - "cvssData" - ], - "additionalProperties": false - }, - "cvss-v40": { - "properties": { - "source": { - "type": "string" - }, - "type": { - "enum": [ - "Primary", - "Secondary" - ] - }, - "cvssData": { - "$ref": "https://csrc.nist.gov/schema/nvd/api/2.0/external/cvss-v4.0.json" - } - }, - "required": [ - "source", - "type", - "cvssData" - ], - "additionalProperties": false - }, - "cve_id": { - "type": "string", - "pattern": "^CVE-[0-9]{4}-[0-9]{4,}$" - }, - "lang_string": { - "type": "object", - "properties": { - "lang": { - "type": "string" - }, - "value": { - "type": "string", - "maxLength": 4096 - } - }, - "required": [ - "lang", - "value" - ], - "additionalProperties": false - }, - "reference": { - "type": "object", - "properties": { - "url": { - "maxLength": 500, - "type": "string", - "pattern": "^(ftp|http)s?://\\S+$" - }, - "source": { - "type": "string" - }, - "tags": { - "type": "array", - "items": { - "type": "string" - } - } - }, - "required": [ - "url" - ] - }, - "vendorComment": { - "type": "object", - "properties": { - "organization": { - "type": "string" - }, - "comment": { - "type": "string" - }, - "lastModified": { - "type": "string", - "format": "date-time" - } - }, - "required": [ - "organization", - "comment", - "lastModified" - ], - "additionalProperties": false - }, - "weakness": { - "properties": { - "source": { - "type": "string" - }, - "type": { - "type": "string" - }, - "description": { - "type": "array", - "minItems": 0, - "items": { - "$ref": "#/definitions/lang_string" - } - } - }, - "required": [ - "source", - "type", - "description" - ], - "additionalProperties": false - }, - "config": { - "properties": { - "operator": { - "type": "string", - "enum": [ - "AND", - "OR" - ] - }, - "negate": { - "type": "boolean" - }, - "nodes": { - "type": "array", - "items": { - "$ref": "#/definitions/node" - } - } - }, - "required": [ - "nodes" - ] - }, - "node": { - "description": "Defines a configuration node in an NVD applicability statement.", - "properties": { - "operator": { - "type": "string", - "enum": [ - "AND", - "OR" - ] - }, - "negate": { - "type": "boolean" - }, - "cpeMatch": { - "type": "array", - "items": { - "$ref": "#/definitions/cpe_match" - } - } - }, - "required": [ - "operator", - "cpeMatch" - ] - }, - "cpe_match": { - "description": "CPE match string or range", - "type": "object", - "properties": { - "vulnerable": { - "type": "boolean" - }, - "criteria": { - "type": "string" - }, - "matchCriteriaId": { - "type": "string", - "format": "uuid" - }, - "versionStartExcluding": { - "type": "string" - }, - "versionStartIncluding": { - "type": "string" - }, - "versionEndExcluding": { - "type": "string" - }, - "versionEndIncluding": { - "type": "string" - } - }, - "required": [ - "vulnerable", - "criteria", - "matchCriteriaId" - ] - }, - "def_subscore": { - "description": "CVSS subscore.", - "type": "number", - "minimum": 0, - "maximum": 10 - } - }, - "type": "object", - "properties": { - "resultsPerPage": { - "type": "integer" - }, - "startIndex": { - "type": "integer" - }, - "totalResults": { - "type": "integer" - }, - "format": { - "type": "string" - }, - "version": { - "type": "string" - }, - "timestamp": { - "type": "string", - "format": "date-time" - }, - "vulnerabilities": { - "description": "NVD feed array of CVE", - "type": "array", - "items": { - "$ref": "#/definitions/def_cve_item" - } - } - }, - "required": [ - "resultsPerPage", - "startIndex", - "totalResults", - "format", - "version", - "timestamp", - "vulnerabilities" - ], - "additionalProperties": false -} diff --git a/open-vulnerability-clients/src/main/resources/json/cvss-v2.0.json b/open-vulnerability-clients/src/main/resources/json/cvss-v2.0.json deleted file mode 100644 index 3dc88031..00000000 --- a/open-vulnerability-clients/src/main/resources/json/cvss-v2.0.json +++ /dev/null @@ -1,103 +0,0 @@ -{ - "license": [ - "Copyright (c) 2017, FIRST.ORG, INC.", - "All rights reserved.", - "", - "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", - "following conditions are met:", - "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", - " disclaimer.", - "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", - " following disclaimer in the documentation and/or other materials provided with the distribution.", - "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", - " products derived from this software without specific prior written permission.", - "", - "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", - "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", - "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", - "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", - "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", - "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", - "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." - ], - - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 2.0", - "type": "object", - "definitions": { - "accessVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL" ] - }, - "accessComplexityType": { - "type": "string", - "enum": [ "HIGH", "MEDIUM", "LOW" ] - }, - "authenticationType": { - "type": "string", - "enum": [ "MULTIPLE", "SINGLE", "NONE" ] - }, - "ciaType": { - "type": "string", - "enum": [ "NONE", "PARTIAL", "COMPLETE" ] - }, - "exploitabilityType": { - "type": "string", - "enum": [ "UNPROVEN", "PROOF_OF_CONCEPT", "FUNCTIONAL", "HIGH", "NOT_DEFINED" ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ "OFFICIAL_FIX", "TEMPORARY_FIX", "WORKAROUND", "UNAVAILABLE", "NOT_DEFINED" ] - }, - "reportConfidenceType": { - "type": "string", - "enum": [ "UNCONFIRMED", "UNCORROBORATED", "CONFIRMED", "NOT_DEFINED" ] - }, - "collateralDamagePotentialType": { - "type": "string", - "enum": [ "NONE", "LOW", "LOW_MEDIUM", "MEDIUM_HIGH", "HIGH", "NOT_DEFINED" ] - }, - "targetDistributionType": { - "type": "string", - "enum": [ "NONE", "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ "2.0" ] - }, - "vectorString": { - "type": "string", - "pattern": "^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$" - }, - "accessVector": { "$ref": "#/definitions/accessVectorType" }, - "accessComplexity": { "$ref": "#/definitions/accessComplexityType" }, - "authentication": { "$ref": "#/definitions/authenticationType" }, - "confidentialityImpact": { "$ref": "#/definitions/ciaType" }, - "integrityImpact": { "$ref": "#/definitions/ciaType" }, - "availabilityImpact": { "$ref": "#/definitions/ciaType" }, - "baseScore": { "$ref": "#/definitions/scoreType" }, - "exploitability": { "$ref": "#/definitions/exploitabilityType" }, - "remediationLevel": { "$ref": "#/definitions/remediationLevelType" }, - "reportConfidence": { "$ref": "#/definitions/reportConfidenceType" }, - "temporalScore": { "$ref": "#/definitions/scoreType" }, - "collateralDamagePotential": { "$ref": "#/definitions/collateralDamagePotentialType" }, - "targetDistribution": { "$ref": "#/definitions/targetDistributionType" }, - "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "environmentalScore": { "$ref": "#/definitions/scoreType" } - }, - "required": [ "version", "vectorString", "baseScore" ] -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/main/resources/json/cvss-v3.0.json b/open-vulnerability-clients/src/main/resources/json/cvss-v3.0.json deleted file mode 100644 index 1d8928f0..00000000 --- a/open-vulnerability-clients/src/main/resources/json/cvss-v3.0.json +++ /dev/null @@ -1,142 +0,0 @@ -{ - "license": [ - "Copyright (c) 2017, FIRST.ORG, INC.", - "All rights reserved.", - "", - "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", - "following conditions are met:", - "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", - " disclaimer.", - "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", - " following disclaimer in the documentation and/or other materials provided with the distribution.", - "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", - " products derived from this software without specific prior written permission.", - "", - "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", - "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", - "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", - "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", - "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", - "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", - "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." - ], - - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL" ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL", "NOT_DEFINED" ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW" ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NOT_DEFINED" ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE" ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE", "NOT_DEFINED" ] - }, - "userInteractionType": { - "type": "string", - "enum": [ "NONE", "REQUIRED" ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ "NONE", "REQUIRED", "NOT_DEFINED" ] - }, - "scopeType": { - "type": "string", - "enum": [ "UNCHANGED", "CHANGED" ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ "UNCHANGED", "CHANGED", "NOT_DEFINED" ] - }, - "ciaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH" ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH", "NOT_DEFINED" ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ "UNPROVEN", "PROOF_OF_CONCEPT", "FUNCTIONAL", "HIGH", "NOT_DEFINED" ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ "OFFICIAL_FIX", "TEMPORARY_FIX", "WORKAROUND", "UNAVAILABLE", "NOT_DEFINED" ] - }, - "confidenceType": { - "type": "string", - "enum": [ "UNKNOWN", "REASONABLE", "CONFIRMED", "NOT_DEFINED" ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ "NONE", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ "3.0" ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { "$ref": "#/definitions/attackVectorType" }, - "attackComplexity": { "$ref": "#/definitions/attackComplexityType" }, - "privilegesRequired": { "$ref": "#/definitions/privilegesRequiredType" }, - "userInteraction": { "$ref": "#/definitions/userInteractionType" }, - "scope": { "$ref": "#/definitions/scopeType" }, - "confidentialityImpact": { "$ref": "#/definitions/ciaType" }, - "integrityImpact": { "$ref": "#/definitions/ciaType" }, - "availabilityImpact": { "$ref": "#/definitions/ciaType" }, - "baseScore": { "$ref": "#/definitions/scoreType" }, - "baseSeverity": { "$ref": "#/definitions/severityType" }, - "exploitCodeMaturity": { "$ref": "#/definitions/exploitCodeMaturityType" }, - "remediationLevel": { "$ref": "#/definitions/remediationLevelType" }, - "reportConfidence": { "$ref": "#/definitions/confidenceType" }, - "temporalScore": { "$ref": "#/definitions/scoreType" }, - "temporalSeverity": { "$ref": "#/definitions/severityType" }, - "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "modifiedAttackVector": { "$ref": "#/definitions/modifiedAttackVectorType" }, - "modifiedAttackComplexity": { "$ref": "#/definitions/modifiedAttackComplexityType" }, - "modifiedPrivilegesRequired": { "$ref": "#/definitions/modifiedPrivilegesRequiredType" }, - "modifiedUserInteraction": { "$ref": "#/definitions/modifiedUserInteractionType" }, - "modifiedScope": { "$ref": "#/definitions/modifiedScopeType" }, - "modifiedConfidentialityImpact": { "$ref": "#/definitions/modifiedCiaType" }, - "modifiedIntegrityImpact": { "$ref": "#/definitions/modifiedCiaType" }, - "modifiedAvailabilityImpact": { "$ref": "#/definitions/modifiedCiaType" }, - "environmentalScore": { "$ref": "#/definitions/scoreType" }, - "environmentalSeverity": { "$ref": "#/definitions/severityType" } - }, - "required": [ "version", "vectorString", "baseScore", "baseSeverity" ] -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/main/resources/json/cvss-v3.1.json b/open-vulnerability-clients/src/main/resources/json/cvss-v3.1.json deleted file mode 100644 index 305bd281..00000000 --- a/open-vulnerability-clients/src/main/resources/json/cvss-v3.1.json +++ /dev/null @@ -1,142 +0,0 @@ -{ - "license": [ - "Copyright (c) 2021, FIRST.ORG, INC.", - "All rights reserved.", - "", - "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", - "following conditions are met:", - "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", - " disclaimer.", - "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", - " following disclaimer in the documentation and/or other materials provided with the distribution.", - "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", - " products derived from this software without specific prior written permission.", - "", - "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", - "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", - "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", - "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", - "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", - "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", - "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." - ], - - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.1", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL" ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL", "NOT_DEFINED" ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW" ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NOT_DEFINED" ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE" ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE", "NOT_DEFINED" ] - }, - "userInteractionType": { - "type": "string", - "enum": [ "NONE", "REQUIRED" ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ "NONE", "REQUIRED", "NOT_DEFINED" ] - }, - "scopeType": { - "type": "string", - "enum": [ "UNCHANGED", "CHANGED" ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ "UNCHANGED", "CHANGED", "NOT_DEFINED" ] - }, - "ciaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH" ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH", "NOT_DEFINED" ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ "UNPROVEN", "PROOF_OF_CONCEPT", "FUNCTIONAL", "HIGH", "NOT_DEFINED" ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ "OFFICIAL_FIX", "TEMPORARY_FIX", "WORKAROUND", "UNAVAILABLE", "NOT_DEFINED" ] - }, - "confidenceType": { - "type": "string", - "enum": [ "UNKNOWN", "REASONABLE", "CONFIRMED", "NOT_DEFINED" ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ "NONE", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ "3.1" ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { "$ref": "#/definitions/attackVectorType" }, - "attackComplexity": { "$ref": "#/definitions/attackComplexityType" }, - "privilegesRequired": { "$ref": "#/definitions/privilegesRequiredType" }, - "userInteraction": { "$ref": "#/definitions/userInteractionType" }, - "scope": { "$ref": "#/definitions/scopeType" }, - "confidentialityImpact": { "$ref": "#/definitions/ciaType" }, - "integrityImpact": { "$ref": "#/definitions/ciaType" }, - "availabilityImpact": { "$ref": "#/definitions/ciaType" }, - "baseScore": { "$ref": "#/definitions/scoreType" }, - "baseSeverity": { "$ref": "#/definitions/severityType" }, - "exploitCodeMaturity": { "$ref": "#/definitions/exploitCodeMaturityType" }, - "remediationLevel": { "$ref": "#/definitions/remediationLevelType" }, - "reportConfidence": { "$ref": "#/definitions/confidenceType" }, - "temporalScore": { "$ref": "#/definitions/scoreType" }, - "temporalSeverity": { "$ref": "#/definitions/severityType" }, - "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "modifiedAttackVector": { "$ref": "#/definitions/modifiedAttackVectorType" }, - "modifiedAttackComplexity": { "$ref": "#/definitions/modifiedAttackComplexityType" }, - "modifiedPrivilegesRequired": { "$ref": "#/definitions/modifiedPrivilegesRequiredType" }, - "modifiedUserInteraction": { "$ref": "#/definitions/modifiedUserInteractionType" }, - "modifiedScope": { "$ref": "#/definitions/modifiedScopeType" }, - "modifiedConfidentialityImpact": { "$ref": "#/definitions/modifiedCiaType" }, - "modifiedIntegrityImpact": { "$ref": "#/definitions/modifiedCiaType" }, - "modifiedAvailabilityImpact": { "$ref": "#/definitions/modifiedCiaType" }, - "environmentalScore": { "$ref": "#/definitions/scoreType" }, - "environmentalSeverity": { "$ref": "#/definitions/severityType" } - }, - "required": [ "version", "vectorString", "baseScore", "baseSeverity" ] -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/main/resources/json/cvss-v4.0.json b/open-vulnerability-clients/src/main/resources/json/cvss-v4.0.json deleted file mode 100644 index 9a7d9da8..00000000 --- a/open-vulnerability-clients/src/main/resources/json/cvss-v4.0.json +++ /dev/null @@ -1,387 +0,0 @@ -{ - "license": [ - "Copyright (c) 2023, FIRST.ORG, INC.", - "All rights reserved.", - "", - "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", - "following conditions are met:", - "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", - " disclaimer.", - "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", - " following disclaimer in the documentation and/or other materials provided with the distribution.", - "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", - " products derived from this software without specific prior written permission.", - "", - "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", - "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", - "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", - "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", - "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", - "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", - "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." - ], - - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 4.0", - "$id": "https://www.first.org/cvss/cvss-v4.0.json?20240216", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT", "LOCAL", "PHYSICAL" ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT", "LOCAL", "PHYSICAL", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "attackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW" ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "attackRequirementsType": { - "type": "string", - "enum": [ "NONE", "PRESENT" ] - }, - "modifiedAttackRequirementsType": { - "type": "string", - "enum": [ "NONE", "PRESENT", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE" ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "userInteractionType": { - "type": "string", - "enum": [ "NONE", "PASSIVE", "ACTIVE" ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ "NONE", "PASSIVE", "ACTIVE", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "vulnCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH" ] - }, - "modifiedVulnCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "subCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH" ] - }, - "modifiedSubCType": { - "type": "string", - "enum": [ "NEGLIGIBLE", "LOW", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "modifiedSubIaType": { - "type": "string", - "enum": [ "NEGLIGIBLE", "LOW", "HIGH", "SAFETY", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "exploitMaturityType": { - "type": "string", - "enum": [ "UNREPORTED", "PROOF_OF_CONCEPT", "ATTACKED", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "ciaRequirementType": { - "type": "string", - "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "safetyType": { - "type": "string", - "enum": [ "NEGLIGIBLE", "PRESENT", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "automatableType": { - "type": "string", - "enum": [ "NO", "YES", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "recoveryType": { - "type": "string", - "enum": [ "AUTOMATIC", "USER", "IRRECOVERABLE", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "valueDensityType": { - "type": "string", - "enum": [ "DIFFUSE", "CONCENTRATED", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "vulnerabilityResponseEffortType": { - "type": "string", - "enum": [ "LOW", "MODERATE", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "providerUrgencyType": { - "type": "string", - "enum": [ "CLEAR", "GREEN", "AMBER", "RED", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "noneScoreType": { - "type": "number", - "minimum": 0.0, - "maximum": 0.0 - }, - "lowScoreType": { - "type": "number", - "minimum": 0.1, - "maximum": 3.9, - "multipleOf": 0.1 - }, - "mediumScoreType": { - "type": "number", - "minimum": 4.0, - "maximum": 6.9, - "multipleOf": 0.1 - }, - "highScoreType": { - "type": "number", - "minimum": 7.0, - "maximum": 8.9, - "multipleOf": 0.1 - }, - "criticalScoreType": { - "type": "number", - "minimum": 9.0, - "maximum": 10, - "multipleOf": 0.1 - }, - "noneSeverityType": { - "const": "NONE" - }, - "lowSeverityType": { - "const": "LOW" - }, - "mediumSeverityType": { - "const": "MEDIUM" - }, - "highSeverityType": { - "const": "HIGH" - }, - "criticalSeverityType": { - "const": "CRITICAL" - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ "4.0" ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:4[.]0\/AV:[NALP]\/AC:[LH]\/AT:[NP]\/PR:[NLH]\/UI:[NPA]\/VC:[HLN]\/VI:[HLN]\/VA:[HLN]\/SC:[HLN]\/SI:[HLN]\/SA:[HLN](\/E:[XAPU])?(\/CR:[XHML])?(\/IR:[XHML])?(\/AR:[XHML])?(\/MAV:[XNALP])?(\/MAC:[XLH])?(\/MAT:[XNP])?(\/MPR:[XNLH])?(\/MUI:[XNPA])?(\/MVC:[XNLH])?(\/MVI:[XNLH])?(\/MVA:[XNLH])?(\/MSC:[XNLH])?(\/MSI:[XNLHS])?(\/MSA:[XNLHS])?(\/S:[XNP])?(\/AU:[XNY])?(\/R:[XAUI])?(\/V:[XDC])?(\/RE:[XLMH])?(\/U:(X|Clear|Green|Amber|Red))?$" - }, - "attackVector": { "$ref": "#/definitions/attackVectorType" }, - "attackComplexity": { "$ref": "#/definitions/attackComplexityType" }, - "attackRequirements": { "$ref": "#/definitions/attackRequirementsType" }, - "privilegesRequired": { "$ref": "#/definitions/privilegesRequiredType" }, - "userInteraction": { "$ref": "#/definitions/userInteractionType" }, - "vulnConfidentialityImpact": { "$ref": "#/definitions/vulnCiaType" }, - "vulnIntegrityImpact": { "$ref": "#/definitions/vulnCiaType" }, - "vulnAvailabilityImpact": { "$ref": "#/definitions/vulnCiaType" }, - "subConfidentialityImpact": { "$ref": "#/definitions/subCiaType" }, - "subIntegrityImpact": { "$ref": "#/definitions/subCiaType" }, - "subAvailabilityImpact": { "$ref": "#/definitions/subCiaType" }, - "exploitMaturity": { "$ref": "#/definitions/exploitMaturityType" }, - "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "modifiedAttackVector": { "$ref": "#/definitions/modifiedAttackVectorType" }, - "modifiedAttackComplexity": { "$ref": "#/definitions/modifiedAttackComplexityType" }, - "modifiedAttackRequirements": { "$ref": "#/definitions/modifiedAttackRequirementsType" }, - "modifiedPrivilegesRequired": { "$ref": "#/definitions/modifiedPrivilegesRequiredType" }, - "modifiedUserInteraction": { "$ref": "#/definitions/modifiedUserInteractionType" }, - "modifiedVulnConfidentialityImpact": { "$ref": "#/definitions/modifiedVulnCiaType" }, - "modifiedVulnIntegrityImpact": { "$ref": "#/definitions/modifiedVulnCiaType" }, - "modifiedVulnAvailabilityImpact": { "$ref": "#/definitions/modifiedVulnCiaType" }, - "modifiedSubConfidentialityImpact": { "$ref": "#/definitions/modifiedSubCType" }, - "modifiedSubIntegrityImpact": { "$ref": "#/definitions/modifiedSubIaType" }, - "modifiedSubAvailabilityImpact": { "$ref": "#/definitions/modifiedSubIaType" }, - "Safety": { "$ref": "#/definitions/safetyType" }, - "Automatable": { "$ref": "#/definitions/automatableType" }, - "Recovery": { "$ref": "#/definitions/recoveryType" }, - "valueDensity": { "$ref": "#/definitions/valueDensityType" }, - "vulnerabilityResponseEffort": { "$ref": "#/definitions/vulnerabilityResponseEffortType" }, - "providerUrgency": { "$ref": "#/definitions/providerUrgencyType" } - }, - "allOf": [ - { - "anyOf": [{ - "properties": { - "baseScore" : { - "$ref": "#/definitions/noneScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/lowScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/mediumScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/highScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/highSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/criticalScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/criticalSeverityType" - } - } - }] - }, - { - "anyOf": [{ - "properties": { - "threatScore" : { - "$ref": "#/definitions/noneScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/lowScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/mediumScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/highScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/highSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/criticalScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/noneScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/lowScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/mediumScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/highScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/highSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/criticalScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/criticalSeverityType" - } - } - } - ] - } - ], - "required": [ "version", "vectorString", "baseScore", "baseSeverity" ] -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/main/resources/securityAdvisories.mustache b/open-vulnerability-clients/src/main/resources/securityAdvisories.mustache deleted file mode 100644 index cf879e1f..00000000 --- a/open-vulnerability-clients/src/main/resources/securityAdvisories.mustache +++ /dev/null @@ -1,92 +0,0 @@ -query { - rateLimit { - limit - cost - remaining - resetAt - } - securityAdvisories(first: 100 - orderBy: {field: UPDATED_AT, direction: ASC} - {{#updatedSince}}updatedSince: "{{updatedSince}}" {{/updatedSince}} - {{#publishedSince}}publishedSince: "{{publishedSince}}" {{/publishedSince}} - {{#classifications}}classifications: {{classifications}} {{/classifications}} - {{#after}}after: "{{after}}" {{/after}} - ) { - nodes { - databaseId - description - ghsaId - id - identifiers { - type - value - } - notificationsPermalink - origin - permalink - publishedAt - references { - url - } - severity - summary - updatedAt - vulnerabilities(first: 100, orderBy: {field: UPDATED_AT, direction: ASC}) { - edges { - node { - severity - updatedAt - firstPatchedVersion { - identifier - } - vulnerableVersionRange - package { - ecosystem - name - } - } - } - totalCount - pageInfo { - hasNextPage - endCursor - } - } - classification - cvss { - score - vectorString - } - cvssSeverities { - cvssV3 { - score - vectorString - } - cvssV4 { - score - vectorString - } - } - cwes(first: 50) { - edges { - node { - cweId - name - description - } - } - totalCount - pageInfo { - hasNextPage - endCursor - } - } - withdrawnAt - } - totalCount - pageInfo { - hasNextPage - endCursor - } - } -} diff --git a/open-vulnerability-clients/src/main/resources/securityAdvisoryCwes.mustache b/open-vulnerability-clients/src/main/resources/securityAdvisoryCwes.mustache deleted file mode 100644 index c9a82a7e..00000000 --- a/open-vulnerability-clients/src/main/resources/securityAdvisoryCwes.mustache +++ /dev/null @@ -1,25 +0,0 @@ -{ - rateLimit { - limit - cost - remaining - resetAt - } - securityAdvisory(ghsaId: "{{ghsaId}}") { - databaseId - cwes(first: 50{{#after}}, after: "{{after}}" {{/after}}) { - edges { - node { - cweId - name - description - } - } - totalCount - pageInfo { - hasNextPage - endCursor - } - } - } - } diff --git a/open-vulnerability-clients/src/main/resources/securityAdvisoryVulnerabilities.mustache b/open-vulnerability-clients/src/main/resources/securityAdvisoryVulnerabilities.mustache deleted file mode 100644 index 12b0149a..00000000 --- a/open-vulnerability-clients/src/main/resources/securityAdvisoryVulnerabilities.mustache +++ /dev/null @@ -1,34 +0,0 @@ -{ - rateLimit { - limit - cost - remaining - resetAt - } - securityAdvisory(ghsaId: "{{ghsaId}}") { - databaseId - vulnerabilities(first: 100 - {{#after}}after: "{{after}}" {{/after}} - orderBy: {field: UPDATED_AT, direction: ASC}) { - edges { - node { - severity - updatedAt - firstPatchedVersion { - identifier - } - vulnerableVersionRange - package { - ecosystem - name - } - } - } - totalCount - pageInfo { - hasNextPage - endCursor - } - } - } - } diff --git a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientTest.java b/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientTest.java deleted file mode 100644 index 7a55d37d..00000000 --- a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/GitHubSecurityAdvisoryClientTest.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import io.github.jeremylong.openvulnerability.client.RecordDataSource; -import org.junit.jupiter.api.Assumptions; -import org.junit.jupiter.api.Test; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.time.ZoneOffset; -import java.time.ZonedDateTime; - -class GitHubSecurityAdvisoryClientTest { - - private static final Logger LOG = LoggerFactory.getLogger(GitHubSecurityAdvisoryClientTest.class); - - ZonedDateTime retrieveLastUpdated() { - // TODO implement a storage/retrieval mechanism for the last updated date. - - return ZonedDateTime.now(ZoneOffset.UTC).minusDays(5); - } - - void storeLastUpdated(ZonedDateTime lastUpdated) { - // TODO implement a storage/retrieval mechanism for the last update time. - } - - @Test - void testNext() throws Exception { - String apiKey = System.getenv("GITHUB_TOKEN"); - - Assumptions.assumeTrue(apiKey != null, "env GITHUB_TOKEN not found - skipping test"); - Assumptions.assumeFalse(apiKey.startsWith("op:"), - "env GITHUB_TOKEN found protected with 1password - skipping test"); - - GitHubSecurityAdvisoryClientBuilder builder = GitHubSecurityAdvisoryClientBuilder - .aGitHubSecurityAdvisoryClient().withApiKey(apiKey); - ZonedDateTime lastUpdated = retrieveLastUpdated(); - if (lastUpdated != null) { - builder.withUpdatedSinceFilter(lastUpdated); - } - try (GitHubSecurityAdvisoryClient api = builder.build(); - RecordDataSource client = new RecordDataSource<>(api)) { - - if (client.hasNext()) { - SecurityAdvisory result = client.next(); - // TODO do something useful with the SecurityAdvisories - System.out.println("Retrieved " + result.getGhsaId()); - } - storeLastUpdated(client.getLastUpdated()); - } - } -} diff --git a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/SerializationTest.java b/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/SerializationTest.java deleted file mode 100644 index c94a0c99..00000000 --- a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/ghsa/SerializationTest.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.ghsa; - -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.SerializationFeature; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import org.junit.jupiter.api.Test; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; -import java.nio.charset.StandardCharsets; -import java.util.Objects; -import java.util.stream.Collectors; - -import static org.junit.jupiter.api.Assertions.assertEquals; - -public class SerializationTest { - - @Test - void thereAndBackAgain() throws IOException { - ObjectMapper objectMapper = new ObjectMapper(); - objectMapper.registerModule(new JavaTimeModule()); - objectMapper.disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS); - - String json; - try (BufferedReader r = new BufferedReader(new InputStreamReader( - Objects.requireNonNull(this.getClass().getClassLoader().getResourceAsStream("advisories.json")), - StandardCharsets.UTF_8))) { - json = r.lines().collect(Collectors.joining("\n")); - } - SecurityAdvisories current = objectMapper.readValue(json, SecurityAdvisories.class); - assertEquals(5000, current.getRateLimit().getLimit()); - - String serialized = objectMapper.writeValueAsString(current); - SecurityAdvisories hydrated = objectMapper.readValue(serialized, SecurityAdvisories.class); - String reserialized = objectMapper.writeValueAsString(hydrated); - assertEquals(serialized, reserialized); - - } -} diff --git a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/kev/SerializationTest.java b/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/kev/SerializationTest.java deleted file mode 100644 index c4590f27..00000000 --- a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/kev/SerializationTest.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2023-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.kev; - -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.SerializationFeature; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import io.github.jeremylong.openvulnerability.client.ghsa.SecurityAdvisories; -import org.junit.jupiter.api.Test; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; -import java.nio.charset.StandardCharsets; -import java.util.stream.Collectors; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertTrue; - -public class SerializationTest { - - @Test - void thereAndBackAgain() throws IOException { - ObjectMapper objectMapper = new ObjectMapper(); - objectMapper.registerModule(new JavaTimeModule()); - objectMapper.disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS); - - String json; - try (BufferedReader r = new BufferedReader(new InputStreamReader( - this.getClass().getClassLoader().getResourceAsStream("known_exploited_vulnerabilities.json"), - StandardCharsets.UTF_8))) { - json = r.lines().collect(Collectors.joining("\n")); - } - KevCatalog current = objectMapper.readValue(json, KevCatalog.class); - assertEquals(922, current.getCount()); - - String serialized = objectMapper.writeValueAsString(current); - KevCatalog hydrated = objectMapper.readValue(serialized, KevCatalog.class); - String reserialized = objectMapper.writeValueAsString(hydrated); - assertTrue(serialized.equals(reserialized)); - - } -} diff --git a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientIntegrationTest.java b/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientIntegrationTest.java deleted file mode 100644 index ee30b0a3..00000000 --- a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientIntegrationTest.java +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import org.junit.jupiter.api.Assumptions; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.Timeout; - -import java.time.ZoneOffset; -import java.time.ZonedDateTime; -import java.util.Collection; -import java.util.concurrent.TimeUnit; - -import static org.junit.jupiter.api.Assertions.assertFalse; -import static org.junit.jupiter.api.Assertions.assertTrue; - -class NvdCveClientIntegrationTest { - - ZonedDateTime retrieveLastUpdated() { - // TODO implement a storage/retrieval mechanism. - return ZonedDateTime.now(ZoneOffset.UTC).minusDays(5); - } - - void storeLasUpdated(ZonedDateTime lastUpdated) { - // TODO implement a storage/retrieval mechanism. - } - - @Test - @Timeout(value = 2, unit = TimeUnit.MINUTES) - public void update() { - String apiKey = System.getenv("NVD_API_KEY"); - if (apiKey != null) { - Assumptions.assumeFalse(apiKey.startsWith("op:"), - "env NVD_API_KEY found protected with 1password - skipping test"); - } - - ZonedDateTime lastModifiedRequest = retrieveLastUpdated(); - NvdCveClientBuilder builder = NvdCveClientBuilder.aNvdCveApi(); - if (lastModifiedRequest != null) { - ZonedDateTime end = lastModifiedRequest.minusDays(-120); - builder.withLastModifiedFilter(lastModifiedRequest, end); - } - // TODO add any additional filters via the builder's `withfilter()` - - try (NvdCveClient api = builder.withApiKey(apiKey).withMaxPageCount(1).build()) { - // in a real world case - `while` would be used instead of `if` - if (api.hasNext()) { - Collection items = api.next(); - - assertFalse(items::isEmpty, "Should receive at least 1 item from first API call"); - - items.stream().findFirst() - .ifPresent(i -> assertTrue(() -> i.getCve().getId() != null, "CVE ID should not be null")); - } - lastModifiedRequest = api.getLastUpdated(); - } - storeLasUpdated(lastModifiedRequest); - } -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientTest.java b/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientTest.java deleted file mode 100644 index 346b28df..00000000 --- a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/NvdCveClientTest.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import org.junit.jupiter.api.Assumptions; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.Timeout; - -import java.time.ZoneOffset; -import java.time.ZonedDateTime; -import java.util.Collection; -import java.util.concurrent.TimeUnit; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertFalse; -import static org.junit.jupiter.api.Assertions.assertTrue; - -class NvdCveClientTest { - - @Test - public void parseResultsPerPageTest() { - NvdCveClient client = new NvdCveClient(null, null, 1, 1); - client.setResultsPerPage(2000); - int recordsPerPage = client.parseResultsPerPage("resultsPerPage parameter cannot exceed 1000."); - assertEquals(1000, recordsPerPage, "Incorrect records per page value parsed"); - } -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeterTest.java b/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeterTest.java deleted file mode 100644 index 8881c3f1..00000000 --- a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/RateMeterTest.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import org.junit.jupiter.api.Test; - -import static org.junit.jupiter.api.Assertions.assertTrue; - -class RateMeterTest { - - @Test - void check() throws Exception { - // ensure we can request up to the quantity in under the duration - int durationLimit = 500; - int queueSize = 2; - RateMeter instance = new RateMeter(queueSize, durationLimit); - long startTime = System.currentTimeMillis(); - instance.getTicket().close(); - instance.getTicket().close(); - long endTime = System.currentTimeMillis(); - long duration = endTime - startTime; - assertTrue(duration < durationLimit, "duration: " + duration); - - // ensure requesting more than the quantity we are delayed - instance = new RateMeter(queueSize, durationLimit); - startTime = System.currentTimeMillis(); - instance.getTicket().close(); - instance.getTicket().close(); - instance.getTicket().close(); - endTime = System.currentTimeMillis(); - duration = endTime - startTime; - assertTrue(duration >= durationLimit, "duration: " + duration); - } -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/SerializationTest.java b/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/SerializationTest.java deleted file mode 100644 index 55e1e655..00000000 --- a/open-vulnerability-clients/src/test/java/io/github/jeremylong/openvulnerability/client/nvd/SerializationTest.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * Copyright (c) 2022-2025 Jeremy Long. All Rights Reserved. - */ -package io.github.jeremylong.openvulnerability.client.nvd; - -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; -import org.junit.jupiter.api.Test; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; -import java.nio.charset.StandardCharsets; -import java.util.stream.Collectors; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertTrue; - -class SerializationTest { - - @Test - void thereAndBackAgain() throws IOException { - ObjectMapper objectMapper = new ObjectMapper(); - objectMapper.registerModule(new JavaTimeModule()); - String json; - try (BufferedReader r = new BufferedReader(new InputStreamReader( - this.getClass().getClassLoader().getResourceAsStream("nvd.json"), StandardCharsets.UTF_8))) { - json = r.lines().collect(Collectors.joining("\n")); - } - CveApiJson20 current = objectMapper.readValue(json, CveApiJson20.class); - assertEquals(2001, current.getVulnerabilities().size()); - - String serialized = objectMapper.writeValueAsString(current); - CveApiJson20 hydrated = objectMapper.readValue(serialized, CveApiJson20.class); - String reserialized = objectMapper.writeValueAsString(hydrated); - assertTrue(serialized.equals(reserialized)); - - // String fixedInput = json.replaceAll("\\\\/","\\/") - // .replaceAll("T00:00:00\\.00\"","T00:00:00.000\""); - // assertTrue(fixedInput.equals(reserialized)); - } -} \ No newline at end of file diff --git a/open-vulnerability-clients/src/test/resources/advisories.json b/open-vulnerability-clients/src/test/resources/advisories.json deleted file mode 100644 index f3b8a40f..00000000 --- a/open-vulnerability-clients/src/test/resources/advisories.json +++ /dev/null @@ -1,912 +0,0 @@ -{ - "data": { - "rateLimit": { - "limit": 5000, - "cost": 1, - "remaining": 5000, - "resetAt": "2023-02-11T14:04:20Z" - }, - "securityAdvisories": { - "nodes": [ - { - "databaseId": 1275, - "description": "In Bootstrap 4 before 4.3.1 and Bootstrap 3 before 3.4.1, XSS is possible in the tooltip or popover data-template attribute. For more information, see: https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", - "ghsaId": "GHSA-fxwm-579q-49qq", - "id": "MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4d20tNTc5cS00OXFx", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-fxwm-579q-49qq" - }, - { - "type": "CVE", - "value": "CVE-2019-8331" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-fxwm-579q-49qq/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-fxwm-579q-49qq", - "publishedAt": "2019-02-22T20:54:40Z", - "references": [ - { - "url": "https://github.com/advisories/GHSA-fxwm-579q-49qq" - } - ], - "severity": "MODERATE", - "summary": "Moderate severity vulnerability that affects Bootstrap.Less, bootstrap, and bootstrap.sass", - "updatedAt": "2021-12-03T14:54:43Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2019-02-22T20:53:04Z", - "firstPatchedVersion": { - "identifier": "4.3.1" - }, - "vulnerableVersionRange": ">= 4.0.0, < 4.3.1", - "package": { - "ecosystem": "NUGET", - "name": "bootstrap" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2019-02-22T20:53:04Z", - "firstPatchedVersion": { - "identifier": "4.3.1" - }, - "vulnerableVersionRange": "< 4.3.1", - "package": { - "ecosystem": "NUGET", - "name": "bootstrap.sass" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2019-02-22T20:53:04Z", - "firstPatchedVersion": { - "identifier": "3.4.1" - }, - "vulnerableVersionRange": ">= 3.0.0, < 3.4.1", - "package": { - "ecosystem": "NUGET", - "name": "bootstrap" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2019-02-22T20:53:04Z", - "firstPatchedVersion": { - "identifier": "3.4.1" - }, - "vulnerableVersionRange": ">= 3.0.0, < 3.4.1", - "package": { - "ecosystem": "NUGET", - "name": "Bootstrap.Less" - } - } - } - ], - "totalCount": 4, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAxOS0wMi0yMlQxNTo1MzowNC0wNTowMM0H6w==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAxOS0wMi0yMlQxNTo1MzowNC0wNTowMM0H6A==" - } - }, - "cvss": { - "score": 0, - "vectorString": null - }, - "cwes": { - "edges": [], - "totalCount": 0, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 1276, - "description": "In Bootstrap 4 before 4.3.1 and Bootstrap 3 before 3.4.1, XSS is possible in the tooltip or popover data-template attribute. For more information, see: https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", - "ghsaId": "GHSA-wh77-3x4m-4q9g", - "id": "MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdoNzctM3g0bS00cTln", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-wh77-3x4m-4q9g" - }, - { - "type": "CVE", - "value": "CVE-2019-8331" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-wh77-3x4m-4q9g/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-wh77-3x4m-4q9g", - "publishedAt": "2019-02-22T20:54:27Z", - "references": [ - { - "url": "https://github.com/advisories/GHSA-wh77-3x4m-4q9g" - } - ], - "severity": "MODERATE", - "summary": "Moderate severity vulnerability that affects bootstrap and bootstrap-sass", - "updatedAt": "2021-12-03T14:54:43Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2019-02-22T20:53:13Z", - "firstPatchedVersion": { - "identifier": "4.3.1" - }, - "vulnerableVersionRange": ">= 4.0.0, < 4.3.1", - "package": { - "ecosystem": "NPM", - "name": "bootstrap" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2019-02-22T20:53:13Z", - "firstPatchedVersion": { - "identifier": "3.4.1" - }, - "vulnerableVersionRange": ">= 3.0.0, < 3.4.1", - "package": { - "ecosystem": "NPM", - "name": "bootstrap" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2019-02-22T20:53:13Z", - "firstPatchedVersion": { - "identifier": "3.4.1" - }, - "vulnerableVersionRange": ">= 3.0.0, < 3.4.1", - "package": { - "ecosystem": "NPM", - "name": "bootstrap-sass" - } - } - } - ], - "totalCount": 3, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAxOS0wMi0yMlQxNTo1MzoxMy0wNTowMM0H7g==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAxOS0wMi0yMlQxNTo1MzoxMy0wNTowMM0H7A==" - } - }, - "cvss": { - "score": 0, - "vectorString": null - }, - "cwes": { - "edges": [], - "totalCount": 0, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 2660, - "description": "Versions of `dojo` prior to 1.2.0 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize HTML code in user-controlled input, allowing attackers to execute arbitrary JavaScript in the victim's browser.\n\n\n## Recommendation\n\nUpgrade to version 1.2.0 or later.", - "ghsaId": "GHSA-p82g-2xpp-m5r3", - "id": "MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA4MmctMnhwcC1tNXIz", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-p82g-2xpp-m5r3" - }, - { - "type": "CVE", - "value": "CVE-2015-5654" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-p82g-2xpp-m5r3/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-p82g-2xpp-m5r3", - "publishedAt": "2020-09-11T21:18:05Z", - "references": [ - { - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5654" - }, - { - "url": "https://snyk.io/vuln/SNYK-JS-DOJO-174933" - }, - { - "url": "https://www.npmjs.com/advisories/973" - }, - { - "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5654" - }, - { - "url": "http://jvn.jp/en/jp/JVN13456571/index.html" - }, - { - "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000153" - }, - { - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975256" - }, - { - "url": "http://www.securityfocus.com/bid/77026" - }, - { - "url": "http://www.securitytracker.com/id/1034848" - }, - { - "url": "https://github.com/advisories/GHSA-p82g-2xpp-m5r3" - } - ], - "severity": "MODERATE", - "summary": "Cross-Site Scripting in dojo", - "updatedAt": "2023-01-06T05:01:55Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-09-09T19:34:40Z", - "firstPatchedVersion": { - "identifier": "1.9.1" - }, - "vulnerableVersionRange": "< 1.2.0", - "package": { - "ecosystem": "NPM", - "name": "dojo" - } - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wOS0wOVQxNTozNDo0MC0wNDowMM0R1Q==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wOS0wOVQxNTozNDo0MC0wNDowMM0R1Q==" - } - }, - "cvss": { - "score": 5.4, - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" - }, - "cwes": { - "edges": [ - { - "node": { - "cweId": "CWE-79", - "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "description": "The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users." - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 2315, - "description": "### Impact\nServer JWT signing secret was included in static assets and served to clients.\n\nThis ALLOWS Flood's builtin authentication to be bypassed. Given Flood is granted access to rTorrent's SCGI interface (which is unprotected and ALLOWS arbitrary code execution) and usually wide-ranging privileges to files, along with Flood's lack of security controls against authenticated users, the severity of this vulnerability is **CRITICAL**. \n\n### Background\nCommit 8d11640b imported `config.js` to client (frontend) components to get `disableUsersAndAuth` configuration variable. Subsequently contents of `config.js` are compiled into static assets and served to users. Unfortunately `config.js` also includes `secret`.\n\nIntruders can use `secret` to sign authentication tokens themselves to bypass builtin access control of Flood.\n\n### Patches\nCommit 042cb4ce removed imports of `config.js` from client (frontend) components. Additionally an eslint rule was added to prevent config.js from being imported to client (frontend) components.\n\nCommit 103f53c8 provided a general mitigation to this kind of problem by searching static assets to ensure `secret` is not included before starting server (backend). \n\n### Workarounds\nUsers shall upgrade if they use Flood's builtin authentication system.\n\nWhile maintainers will do their best to support it, Flood cannot guarantee its in-house access control system can stand against determined attackers in high-stake environments. \n\n> Use `HTTP Basic Auth` or other battle-hardened authentication methods instead of Flood's in-house one. You can use `disableUsersAndAuth` to avoid duplicate authentication.\n\nUsers are advised to check out the [wiki](https://github.com/jesec/flood/wiki) for more information on security precautions.\n\n### References\n[Wiki - Security precautions](https://github.com/jesec/flood/wiki/Security-precautions)\n\n[Introduction to JSON Web Tokens](https://jwt.io/introduction/)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [issue tracker](https://github.com/jesec/flood/issues)\n* Email us at [jc@linux.com](mailto:jc@linux.com)", - "ghsaId": "GHSA-r587-7jh2-4qr3", - "id": "MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1ODctN2poMi00cXIz", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-r587-7jh2-4qr3" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-r587-7jh2-4qr3/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-r587-7jh2-4qr3", - "publishedAt": "2020-08-26T19:32:50Z", - "references": [ - { - "url": "https://github.com/jesec/flood/security/advisories/GHSA-r587-7jh2-4qr3" - }, - { - "url": "https://github.com/jesec/flood/commit/103f53c8d2963584e41bcf46ccc6fe0fabf179ca" - }, - { - "url": "https://github.com/jesec/flood/commit/d137107ac908526d43966607149fbaf00cfcedf0" - }, - { - "url": "https://github.com/advisories/GHSA-r587-7jh2-4qr3" - } - ], - "severity": "CRITICAL", - "summary": "Server secret was included in static assets and served to clients", - "updatedAt": "2023-01-06T05:01:57Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "CRITICAL", - "updatedAt": "2022-09-09T20:56:50Z", - "firstPatchedVersion": { - "identifier": "3.0.0" - }, - "vulnerableVersionRange": ">= 2.0.0, < 3.0.0", - "package": { - "ecosystem": "NPM", - "name": "flood" - } - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wOS0wOVQxNjo1Njo1MC0wNDowMM2Cyg==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wOS0wOVQxNjo1Njo1MC0wNDowMM2Cyg==" - } - }, - "cvss": { - "score": 0, - "vectorString": null - }, - "cwes": { - "edges": [], - "totalCount": 0, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 197913, - "description": "An issue was discovered in Keycloak when using a client with the `offline_access` scope. Reuse of session ids across root and user authentication sessions and a lack of root session validation enabled attackers to resolve a user session attached to a different previously authenticated user.\n\nThis issue most affects users of shared computers. Suppose a user logs out of their account (without clearing their cookies) in a mobile app or similar client that includes the `offline_access` scope, and another user authenticates to the application. In that case, it will share the same root session id, and when utilizing the refresh token, they will be issued a token for the original user.", - "ghsaId": "GHSA-97g8-xfvw-q4hg", - "id": "GSA_kwCzR0hTQS05N2c4LXhmdnctcTRoZ84AAwUZ", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-97g8-xfvw-q4hg" - }, - { - "type": "CVE", - "value": "CVE-2022-3916" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-97g8-xfvw-q4hg/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-97g8-xfvw-q4hg", - "publishedAt": "2022-12-13T19:44:33Z", - "references": [ - { - "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-97g8-xfvw-q4hg" - }, - { - "url": "https://github.com/advisories/GHSA-97g8-xfvw-q4hg" - } - ], - "severity": "MODERATE", - "summary": "Keycloak vulnerable to session takeover with OIDC offline refreshtokens", - "updatedAt": "2023-01-06T05:04:41Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-12-13T19:44:33Z", - "firstPatchedVersion": { - "identifier": "20.0.2" - }, - "vulnerableVersionRange": "<= 19.0.2", - "package": { - "ecosystem": "MAVEN", - "name": "org.keycloak:keycloak-parent" - } - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMi0xMi0xM1QxNDo0NDozMy0wNTowMM2RQQ==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAyMi0xMi0xM1QxNDo0NDozMy0wNTowMM2RQQ==" - } - }, - "cvss": { - "score": 0, - "vectorString": null - }, - "cwes": { - "edges": [ - { - "node": { - "cweId": "CWE-287", - "name": "Improper Authentication", - "description": "When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct." - } - }, - { - "node": { - "cweId": "CWE-304", - "name": "Missing Critical Step in Authentication", - "description": "The software implements an authentication technique, but it skips a step that weakens the technique." - } - }, - { - "node": { - "cweId": "CWE-488", - "name": "Exposure of Data Element to Wrong Session", - "description": "The product does not sufficiently enforce boundaries between the states of different sessions, causing data to be provided to, or used by, the wrong session." - } - } - ], - "totalCount": 3, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 179004, - "description": "`tower_http::services::fs::ServeDir` didn't correctly validate Windows paths\nmeaning paths like `/foo/bar/c:/windows/web/screen/img101.png` would be allowed\nand respond with the contents of `c:/windows/web/screen/img101.png`. Thus users\ncould potentially read files anywhere on the filesystem.\n\nThis only impacts Windows. Linux and other unix likes are not impacted by this.\n\nSee [tower-http#204] for more details.\n\n[tower-http#204]: https://github.com/tower-rs/tower-http/pull/204\n", - "ghsaId": "GHSA-wwh2-r387-g5rm", - "id": "GSA_kwCzR0hTQS13d2gyLXIzODctZzVybc4AArs8", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-wwh2-r387-g5rm" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-wwh2-r387-g5rm/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-wwh2-r387-g5rm", - "publishedAt": "2022-06-17T00:26:05Z", - "references": [ - { - "url": "https://github.com/tower-rs/tower-http/pull/204" - }, - { - "url": "https://rustsec.org/advisories/RUSTSEC-2021-0135.html" - }, - { - "url": "https://github.com/advisories/GHSA-wwh2-r387-g5rm" - } - ], - "severity": "MODERATE", - "summary": "tower-http's improper validation of Windows paths could lead to directory traversal attack", - "updatedAt": "2023-01-06T05:05:53Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-06-17T00:26:05Z", - "firstPatchedVersion": { - "identifier": "0.2.1" - }, - "vulnerableVersionRange": ">= 0.2.0, < 0.2.1", - "package": { - "ecosystem": "RUST", - "name": "tower-http" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-06-17T00:26:05Z", - "firstPatchedVersion": { - "identifier": "0.1.3" - }, - "vulnerableVersionRange": "< 0.1.3", - "package": { - "ecosystem": "RUST", - "name": "tower-http" - } - } - } - ], - "totalCount": 2, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wNi0xNlQyMDoyNjowNS0wNDowMM1ftw==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wNi0xNlQyMDoyNjowNS0wNDowMM1ftg==" - } - }, - "cvss": { - "score": 0, - "vectorString": null - }, - "cwes": { - "edges": [ - { - "node": { - "cweId": "CWE-22", - "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", - "description": "The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory." - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 185990, - "description": "Versions of `distributed` earlier than `2021.10.0` had a potential security vulnerability relating to single-machine Dask clusters.\n\nClusters started with `dask.distributed.LocalCluster` or `dask.distributed.Client()` (which defaults to using `LocalCluster`) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on `localhost`. A Dask cluster created using this method AND running on a machine that has these ports exposed could be used by a sophisticated attacker to enable remote code execution. Users running on machines with standard firewalls in place, or using clusters created via cluster objects other than `LocalCluster` (e.g. `dask_kubernetes.KubeCluster`) should not be affected. This vulnerability is documented in CVE-2021-42343, and was fixed in version `2021.10.0` (PR #5427).", - "ghsaId": "GHSA-hwqr-f3v9-hwxr", - "id": "GSA_kwCzR0hTQS1od3FyLWYzdjktaHd4cs4AAtaG", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-hwqr-f3v9-hwxr" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-hwqr-f3v9-hwxr/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-hwqr-f3v9-hwxr", - "publishedAt": "2022-07-15T21:56:08Z", - "references": [ - { - "url": "https://github.com/dask/distributed/security/advisories/GHSA-hwqr-f3v9-hwxr" - }, - { - "url": "https://docs.dask.org/en/latest/changelog.html" - }, - { - "url": "https://github.com/dask/dask/tags" - }, - { - "url": "https://github.com/pypa/advisory-database/tree/main/vulns/distributed/PYSEC-2021-871.yaml" - }, - { - "url": "https://github.com/pypa/advisory-database/tree/main/vulns/distributed/PYSEC-2021-872.yaml" - }, - { - "url": "https://github.com/advisories/GHSA-j8fq-86c5-5v2r" - }, - { - "url": "https://github.com/advisories/GHSA-hwqr-f3v9-hwxr" - } - ], - "severity": "MODERATE", - "summary": "Workers for local Dask clusters mistakenly listened on public interfaces", - "updatedAt": "2023-01-06T05:05:59Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-07-15T21:56:09Z", - "firstPatchedVersion": { - "identifier": "2021.10.0" - }, - "vulnerableVersionRange": ">= 0, < 2021.10.0", - "package": { - "ecosystem": "PIP", - "name": "distributed" - } - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wNy0xNVQxNzo1NjowOS0wNDowMM16gw==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wNy0xNVQxNzo1NjowOS0wNDowMM16gw==" - } - }, - "cvss": { - "score": 0, - "vectorString": null - }, - "cwes": { - "edges": [], - "totalCount": 0, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 191238, - "description": "### Impact\nHarbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs - API call\n\n  GET /projects/{project_name}/preheat/policies/{preheat_policy_name}/executions/{execution_id}/tasks/{task_id}/logs\n\nBy sending a request that attempts to read P2P preheat execution logs and specifying different job ids, malicious authenticatedusers could read all the job logs stored in the Harbor database.\n\n### Patches\nThis and similar issues are fixed in Harbor v2.5.2 and later. Please upgrade as soon as possible.\n\n### Workarounds\nThere are no workarounds available.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [the Harbor GitHub repository](https://github.com/goharbor/harbor)\n\n### Credits\nThanks to [Gal Goldstein](https://www.linkedin.com/in/gal-goldshtein/) and [Daniel Abeles](https://www.linkedin.com/in/daniel-abeles/) from [Oxeye Security](https://www.oxeye.io/) for reporting this issue.\n", - "ghsaId": "GHSA-q76q-q8hw-hmpw", - "id": "GSA_kwCzR0hTQS1xNzZxLXE4aHctaG1wd84AAusG", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-q76q-q8hw-hmpw" - }, - { - "type": "CVE", - "value": "CVE-2022-31671" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-q76q-q8hw-hmpw/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-q76q-q8hw-hmpw", - "publishedAt": "2022-09-09T19:47:03Z", - "references": [ - { - "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-q76q-q8hw-hmpw" - }, - { - "url": "https://github.com/advisories/GHSA-q76q-q8hw-hmpw" - } - ], - "severity": "MODERATE", - "summary": "Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs", - "updatedAt": "2023-01-06T05:06:01Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-09-09T19:47:03Z", - "firstPatchedVersion": { - "identifier": "1.10.13" - }, - "vulnerableVersionRange": ">= 1.0, <= 1.10.12", - "package": { - "ecosystem": "GO", - "name": "github.com/goharbor/harbor" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-09-09T19:47:03Z", - "firstPatchedVersion": { - "identifier": "2.4.3" - }, - "vulnerableVersionRange": ">= 2.0, <= 2.4.2", - "package": { - "ecosystem": "GO", - "name": "github.com/goharbor/harbor" - } - } - }, - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-09-09T19:47:03Z", - "firstPatchedVersion": { - "identifier": "2.5.2" - }, - "vulnerableVersionRange": ">= 2.5, <= 2.5.1", - "package": { - "ecosystem": "GO", - "name": "github.com/goharbor/harbor" - } - } - } - ], - "totalCount": 3, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wOS0wOVQxNTo0NzowMy0wNDowMM2Cxw==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAyMi0wOS0wOVQxNTo0NzowMy0wNDowMM2CxQ==" - } - }, - "cvss": { - "score": 5, - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" - }, - "cwes": { - "edges": [], - "totalCount": 0, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 195572, - "description": "The compression and decompression function used `mem:uninitialized` to create an array of uninitialized values, to later write values into it. This later leads to reads from uninitialized memory.\n\nThe flaw was corrected in commit b633bf265e41c60dfce3be7eac4e4dd5e18d06cf by using a heap-allocated `Vec` and removing out use of `mem::uninitialized`. The fix was released in v0.3.2 and v1.0.0\n\nSubsequently, the crate was deprecated and its use is discouraged.\n", - "ghsaId": "GHSA-5m39-wx2q-mxg3", - "id": "GSA_kwCzR0hTQS01bTM5LXd4MnEtbXhnM84AAvv0", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-5m39-wx2q-mxg3" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-5m39-wx2q-mxg3/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-5m39-wx2q-mxg3", - "publishedAt": "2022-11-08T21:42:06Z", - "references": [ - { - "url": "https://github.com/badboy/lzf-rs/issues/9" - }, - { - "url": "https://github.com/badboy/lzf-rs/commit/b633bf265e41c60dfce3be7eac4e4dd5e18d06cf" - }, - { - "url": "https://rustsec.org/advisories/RUSTSEC-2022-0067.html" - }, - { - "url": "https://github.com/advisories/GHSA-5m39-wx2q-mxg3" - } - ], - "severity": "MODERATE", - "summary": "Invalid use of `mem::uninitialized` causes `use-of-uninitialized-value`", - "updatedAt": "2023-01-06T05:06:20Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2022-11-08T21:42:06Z", - "firstPatchedVersion": { - "identifier": "0.3.2" - }, - "vulnerableVersionRange": "< 0.3.2", - "package": { - "ecosystem": "RUST", - "name": "lzf" - } - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMi0xMS0wOFQxNjo0MjowNi0wNTowMM2MvA==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAyMi0xMS0wOFQxNjo0MjowNi0wNTowMM2MvA==" - } - }, - "cvss": { - "score": 0, - "vectorString": null - }, - "cwes": { - "edges": [], - "totalCount": 0, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - }, - { - "databaseId": 994, - "description": "An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the name field of a project.", - "ghsaId": "GHSA-5xgh-643p-cp2g", - "id": "MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4Z2gtNjQzcC1jcDJn", - "identifiers": [ - { - "type": "GHSA", - "value": "GHSA-5xgh-643p-cp2g" - }, - { - "type": "CVE", - "value": "CVE-2018-17574" - } - ], - "notificationsPermalink": "https://github.com/advisories/GHSA-5xgh-643p-cp2g/dependabot", - "origin": "UNSPECIFIED", - "permalink": "https://github.com/advisories/GHSA-5xgh-643p-cp2g", - "publishedAt": "2018-11-21T22:19:59Z", - "references": [ - { - "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17574" - }, - { - "url": "https://github.com/YMFE/yapi/issues/520" - }, - { - "url": "https://github.com/advisories/GHSA-5xgh-643p-cp2g" - } - ], - "severity": "MODERATE", - "summary": "Cross-site Scripting in yapi-vendor", - "updatedAt": "2023-01-06T05:06:58Z", - "vulnerabilities": { - "edges": [ - { - "node": { - "severity": "MODERATE", - "updatedAt": "2018-11-21T22:16:17Z", - "firstPatchedVersion": { - "identifier": "1.3.23" - }, - "vulnerableVersionRange": "< 1.3.23", - "package": { - "ecosystem": "NPM", - "name": "yapi-vendor" - } - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false, - "endCursor": "Y3Vyc29yOnYyOpK5MjAxOC0xMS0yMVQxNzoxNjoxNy0wNTowMM0GcQ==", - "startCursor": "Y3Vyc29yOnYyOpK5MjAxOC0xMS0yMVQxNzoxNjoxNy0wNTowMM0GcQ==" - } - }, - "cvss": { - "score": 5.4, - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" - }, - "cwes": { - "edges": [ - { - "node": { - "cweId": "CWE-79", - "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "description": "The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users." - } - } - ], - "totalCount": 1, - "pageInfo": { - "hasNextPage": false, - "hasPreviousPage": false - } - }, - "withdrawnAt": null, - "classification": "GENERAL" - } - ], - "totalCount": 11289, - "pageInfo": { - "hasNextPage": true, - "endCursor": "Y3Vyc29yOnYyOpK5MjAyMy0wMS0wNlQwMDowNjo1OC0wNTowMM0D4g==" - } - } - } -} diff --git a/open-vulnerability-clients/src/test/resources/known_exploited_vulnerabilities.json b/open-vulnerability-clients/src/test/resources/known_exploited_vulnerabilities.json deleted file mode 100644 index df502217..00000000 --- a/open-vulnerability-clients/src/test/resources/known_exploited_vulnerabilities.json +++ /dev/null @@ -1,10150 +0,0 @@ -{ - "title": "CISA Catalog of Known Exploited Vulnerabilities", - "catalogVersion": "2023.04.21", - "dateReleased": "2023-04-21T09:54:52.3190Z", - "count": 922, - "vulnerabilities": [ - { - "cveID": "CVE-2021-27104", - "vendorProject": "Accellion", - "product": "FTA", - "vulnerabilityName": "Accellion FTA OS Command Injection Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-27102", - "vendorProject": "Accellion", - "product": "FTA", - "vulnerabilityName": "Accellion FTA OS Command Injection Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-27101", - "vendorProject": "Accellion", - "product": "FTA", - "vulnerabilityName": "Accellion FTA SQL Injection Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-27103", - "vendorProject": "Accellion", - "product": "FTA", - "vulnerabilityName": "Accellion FTA SSRF Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21017", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-28550", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2018-4939", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-15961", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Remote Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-4878", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-5735", - "vendorProject": "Amcrest", - "product": "Cameras and Network Video Recorder (NVR)", - "vulnerabilityName": "Amcrest Camera and NVR Buffer Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-2215", - "vendorProject": "Android", - "product": "Kernel", - "vulnerabilityName": "Android Kernel Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Android Kernel contains a use-after-free vulnerability in binder.c which allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploit chain \"AbstractEmu.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0041", - "vendorProject": "Android", - "product": "Kernel", - "vulnerabilityName": "Android Kernel Out-of-Bounds Write Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain \"AbstractEmu.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0069", - "vendorProject": "MediaTek", - "product": "Multiple Chipsets", - "vulnerabilityName": "Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under exploit chain \"AbstractEmu.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-9805", - "vendorProject": "Apache", - "product": "Struts", - "vulnerabilityName": "Apache Struts Multiple Versions Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 contains a vulnerability which can lead to Remote Code Execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-42013", - "vendorProject": "Apache", - "product": "HTTP Server", - "vulnerabilityName": "Apache HTTP Server 2.4.49 and 2.4.50 Path Traversal", - "dateAdded": "2021-11-03", - "shortDescription": "Apache HTTP server vulnerabilities allow an attacker to use a path traversal attack to map URLs to files outside the expected document root and perform Remote Code Execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-41773", - "vendorProject": "Apache", - "product": "HTTP Server", - "vulnerabilityName": "Apache HTTP Server Path Traversal Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration \"require all denied\", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-0211", - "vendorProject": "Apache", - "product": "HTTP Server", - "vulnerabilityName": "Apache HTTP Server scoreboard vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2016-4437", - "vendorProject": "Apache", - "product": "Shiro", - "vulnerabilityName": "Apache Shiro 1.2.4 Cookie RememberME Deserial Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Apache Shiro before 1.2.5, when a cipher key has not been configured for the \"remember me\" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-17558", - "vendorProject": "Apache", - "product": "Solr", - "vulnerabilityName": "Apache Solr 5.0.0-8.3.1 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-17530", - "vendorProject": "Apache", - "product": "Struts", - "vulnerabilityName": "Apache Struts Forced OGNL Double Evaluation Remote Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-5638", - "vendorProject": "Apache", - "product": "Struts", - "vulnerabilityName": "Apache Struts Jakarta Multipart parser exception handling vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-11776", - "vendorProject": "Apache", - "product": "Struts", - "vulnerabilityName": "Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 contain a vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30858", - "vendorProject": "Apple", - "product": "iOS and iPadOS", - "vulnerabilityName": "Apple Apple iOS and iPadOS Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Apple iOS and iPadOS Arbitrary Code Execution", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-6223", - "vendorProject": "Apple", - "product": "FaceTime", - "vulnerabilityName": "Apple FaceTime Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30860", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS \"FORCEDENTRY\" Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "An integer overflow was addressed with improved input validation vulnerability affecting iOS devices that allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-27930", - "vendorProject": "Apple", - "product": "iOS and macOS", - "vulnerabilityName": "Apple iOS and macOS FontParser Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A memory corruption issue was addressed with improved input validation. Processing a maliciously crafted font may lead to arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30807", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Apple iOS, iPadOS, macOS, and watchOS, contain a memory corruption vulnerability in�IOMobileFrameBuffer�that may allow an application to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-27950", - "vendorProject": "Apple", - "product": "iOS and macOS", - "vulnerabilityName": "Apple iOS and macOS Kernel Memory Initialization Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A malicious application may be able to disclose kernel memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-27932", - "vendorProject": "Apple", - "product": "iOS and macOS", - "vulnerabilityName": "Apple iOS and macOS Kernel Type Confusion Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A malicious application may be able to execute arbitrary code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-9818", - "vendorProject": "Apple", - "product": "iOS Mail", - "vulnerabilityName": "Apple iOS Mail OOB Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-9819", - "vendorProject": "Apple", - "product": "iOS Mail", - "vulnerabilityName": "Apple iOS Mail Heap Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Processing a maliciously crafted mail message may lead to heap corruption.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30762", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple WebKit Browser Engine Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Use after free issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-1782", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Privilege Escalation and Code Execution Chain", - "dateAdded": "2021-11-03", - "shortDescription": "A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-1870", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Privilege Escalation and Code Execution Chain", - "dateAdded": "2021-11-03", - "shortDescription": "A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-1871", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Privilege Escalation and Code Execution Chain", - "dateAdded": "2021-11-03", - "shortDescription": "A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-1879", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Webkit Browser Engine XSS", - "dateAdded": "2021-11-03", - "shortDescription": "Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30661", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Webkit Storage Use-After-Free Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30666", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS12.x Buffer Overflow", - "dateAdded": "2021-11-03", - "shortDescription": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30713", - "vendorProject": "Apple", - "product": "macOS", - "vulnerabilityName": "Apple macOS Input Validation Error", - "dateAdded": "2021-11-03", - "shortDescription": "A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30657", - "vendorProject": "Apple", - "product": "macOS", - "vulnerabilityName": "Apple macOS Policy Subsystem Gatekeeper Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30665", - "vendorProject": "Apple", - "product": "Safari", - "vulnerabilityName": "Apple Safari Webkit Browser Engine Buffer Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30663", - "vendorProject": "Apple", - "product": "Safari", - "vulnerabilityName": "Apple Safari Webkit Browser Engine Integer Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Integer overflow. Processing maliciously crafted web content may lead to arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30761", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple WebKit Browser Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Memory corruption issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30869", - "vendorProject": "Apple", - "product": "iOS, macOS, and iPadOS", - "vulnerabilityName": "Apple XNU Kernel Type Confusion", - "dateAdded": "2021-11-03", - "shortDescription": "Apple XNU kernel contains a type confusion vulnerability which allows a malicious application to execute arbitrary code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-9859", - "vendorProject": "Apple", - "product": "iOS and iPadOS", - "vulnerabilityName": "Apple 11-13.5 XNU Kernel Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A memory consumption issue was addressed with improved memory handling. An application may be able to execute arbitrary code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-20090", - "vendorProject": "Arcadyan", - "product": "Buffalo WSR-2533DHPL2 and WSR-2533DHP3 firmware", - "vulnerabilityName": "Arcadyan Buffalo Firmware Multiple Versions Path Traversal", - "dateAdded": "2021-11-03", - "shortDescription": "A path traversal vulnerability in Arcadyan firmware could allow unauthenticated remote attackers to bypass authentication. It impacts many routers.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-27562", - "vendorProject": "Arm", - "product": "Arm Trusted Firmware", - "vulnerabilityName": "Arm Trusted Firmware M through 1.2 Denial-of-Service", - "dateAdded": "2021-11-03", - "shortDescription": "In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. This vulnerability has known active exploitation against Yealink Device Management servers. It is assessed this product utilizes the affected Arm firmware.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-28664", - "vendorProject": "Arm", - "product": "Mali Graphics Processing Unit (GPU)", - "vulnerabilityName": "Arm Mali GPU Kernel Boundary Error Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r8p0 through r30p0.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-28663", - "vendorProject": "Arm", - "product": "Mali Graphics Processing Unit (GPU)", - "vulnerabilityName": "Arm Mali GPU Kernel Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-3398", - "vendorProject": "Atlassian", - "product": "Confluence", - "vulnerabilityName": "Atlassian Confluence Path Traversal Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has \u0027Admin\u0027 permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-26084", - "vendorProject": "Atlassian", - "product": "Confluence Server", - "vulnerabilityName": "Atlassian Confluence Server \u003c 6.13.23, 6.14.0 - 7.12.5 Arbitrary Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Atlassian Confluence Server The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5 contains an OGNL injection vulnerability which allows an attacker to execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-11580", - "vendorProject": "Atlassian", - "product": "Crowd and Crowd Data Center", - "vulnerabilityName": "Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5, from version 3.1.0 before 3.1.6, from version 3.2.0 before 3.2.8, from version 3.3.0 before 3.3.5, and from version 3.4.0 before 3.4.4 are affected by this vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-3396", - "vendorProject": "Atlassian", - "product": "Atlassian Confluence Server", - "vulnerabilityName": "Remote code execution via Widget Connector macro Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-42258", - "vendorProject": "BQE", - "product": "BillQuick Web Suite", - "vulnerabilityName": "BQE BillQuick Web Suite Versions Prior to 22.0.9.1 (from 2018 through 2021) Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "BQE BillQuick Web Suite 2018 through 2021 prior to 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-3452", - "vendorProject": "Cisco", - "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", - "vulnerabilityName": "Cisco Adaptive Security Appliance and Cisco Fire Power Threat Defense directory traversal sensitive file read", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-3580", - "vendorProject": "Cisco", - "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", - "vulnerabilityName": "Cisco ASA and FTD XSS Vulnerabilities", - "dateAdded": "2021-11-03", - "shortDescription": "Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-1497", - "vendorProject": "Cisco", - "product": "HyperFlex HX", - "vulnerabilityName": "Cisco HyperFlex HX Command Injection Vulnerabilities", - "dateAdded": "2021-11-03", - "shortDescription": "Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-1498", - "vendorProject": "Cisco", - "product": "HyperFlex HX", - "vulnerabilityName": "Cisco HyperFlex HX Command Injection Vulnerabilities", - "dateAdded": "2021-11-03", - "shortDescription": "Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0171", - "vendorProject": "Cisco", - "product": "IOS and IOS XE", - "vulnerabilityName": "Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-3118", - "vendorProject": "Cisco", - "product": "IOS XR", - "vulnerabilityName": "Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-3566", - "vendorProject": "Cisco", - "product": "IOS XR", - "vulnerabilityName": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-3569", - "vendorProject": "Cisco", - "product": "IOS XR", - "vulnerabilityName": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-3161", - "vendorProject": "Cisco", - "product": "IP Phones", - "vulnerabilityName": "Cisco IP Phones Web Server DoS and Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-1653", - "vendorProject": "Cisco", - "product": "RV320 and RV325 Routers", - "vulnerabilityName": "Cisco RV320 and RV325 Routers Improper Access Control Vulnerability (COVID-19-CTI list)", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-0296", - "vendorProject": "Cisco", - "product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)", - "vulnerabilityName": "Cisco Adaptive Security Appliance Firepower Threat Defense Denial-of-Service/Directory Traversal vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-13608", - "vendorProject": "Citrix", - "product": "StoreFront Server", - "vulnerabilityName": "Citrix StoreFront Server Multiple Versions XML External Entity (XXE)", - "dateAdded": "2021-11-03", - "shortDescription": "Citrix StoreFront Server contains a XXE processing vulnerability that could allow an unauthenticated attacker to retrieve potentially sensitive information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8193", - "vendorProject": "Citrix", - "product": "Application Delivery Controller (ADC), Gateway, and SDWAN WANOP", - "vulnerabilityName": "Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8195", - "vendorProject": "Citrix", - "product": "Application Delivery Controller (ADC), Gateway, and SDWAN WANOP", - "vulnerabilityName": "Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "Application Delivery Controller (ADC), Gateway, and SDWAN WANOP", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8196", - "vendorProject": "Citrix", - "product": "Application Delivery Controller (ADC), Gateway, and SDWAN WANOP", - "vulnerabilityName": "Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-19781", - "vendorProject": "Citrix", - "product": "Application Delivery Controller (ADC) and Gateway", - "vulnerabilityName": "Citrix Application Delivery Controller and Citrix Gateway Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Issue in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 allowing Directory Traversal.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-11634", - "vendorProject": "Citrix", - "product": "Workspace (for Windows)", - "vulnerabilityName": "Citrix Workspace (for Windows) Prior to 1904 Improper Access Control", - "dateAdded": "2021-11-03", - "shortDescription": "Citrix Workspace app and Receiver for Windows prior to version 1904 contains an incorrect access control vulnerability which allows for code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-29557", - "vendorProject": "D-Link", - "product": "DIR-825 R1", - "vulnerabilityName": "D-Link DIR-825 R1 Through 3.0.1 Before 11/2020 Buffer Overflow", - "dateAdded": "2021-11-03", - "shortDescription": "D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20 contain a vulnerability in the web interface allowing for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-25506", - "vendorProject": "D-Link", - "product": "DNS-320", - "vulnerabilityName": "D-Link DNS-320 Command Injection Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-15811", - "vendorProject": "DNN", - "product": "DotNetNuke (DNN)", - "vulnerabilityName": "DotNetNuke 9.2-9.2.2 Encryption Algorithm Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-18325", - "vendorProject": "DNN", - "product": "DotNetNuke (DNN)", - "vulnerabilityName": "DotNetNuke 9.2-9.2.2 Encryption Algorithm Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-9822", - "vendorProject": "DNN", - "product": "DotNetNuke (DNN)", - "vulnerabilityName": "DotNetNuke before 9.1.1 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka \"2017-08 (Critical) Possible remote code execution on DNN sites.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-15752", - "vendorProject": "Docker", - "product": "Desktop Community Edition", - "vulnerabilityName": "Docker Desktop Community Edition Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\\DockerDesktop\\version-bin\\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run \u0027docker login\u0027 to force the command.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8515", - "vendorProject": "DrayTek", - "product": "Vigor Router(s)", - "vulnerabilityName": "DrayTek Vigor Router Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-7600", - "vendorProject": "Drupal", - "product": "Drupal", - "vulnerabilityName": "Drupal module configuration vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-22205", - "vendorProject": "ExifTool", - "product": "ExifTool", - "vulnerabilityName": "GitLab Community and Enterprise Editions From 11.9 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Anyone with the ability to upload an image that goes through the GitLab Workhorse could achieve Remote Code Execution via a specially crafted file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2018-6789", - "vendorProject": "Exim", - "product": "Exim", - "vulnerabilityName": "Exim Buffer Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Issue in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8657", - "vendorProject": "EyesOfNetwork", - "product": "EyesOfNetwork", - "vulnerabilityName": "EyesOfNetwork 5.3 Insufficient Credential Protection", - "dateAdded": "2021-11-03", - "shortDescription": "Issue in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8655", - "vendorProject": "EyesOfNetwork", - "product": "EyesOfNetwork", - "vulnerabilityName": "EyesOfNetwork 5.3 Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Issue in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-5902", - "vendorProject": "F5", - "product": "BIG-IP", - "vulnerabilityName": "F5 BIG-IP Traffic Management User Interface Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-22986", - "vendorProject": "F5", - "product": "BIG-IP", - "vulnerabilityName": "F5 iControl REST unauthenticated Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The iControl REST interface has an unauthenticated remote command execution vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-35464", - "vendorProject": "ForgeRock", - "product": "Access Management server", - "vulnerabilityName": "ForgeRock Access Management Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-5591", - "vendorProject": "Fortinet", - "product": "FortiOS", - "vulnerabilityName": "Fortinet FortiOS Default Configuration Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-12812", - "vendorProject": "Fortinet", - "product": "FortiOS", - "vulnerabilityName": "Fortinet FortiOS SSL VPN 2FA Authentication Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-13379", - "vendorProject": "Fortinet", - "product": "FortiOS", - "vulnerabilityName": "Fortinet FortiOS SSL VPN credential exposure vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-16010", - "vendorProject": "Google", - "product": "Chrome for Android", - "vulnerabilityName": "Google Chrome for Android Heap Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-15999", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome FreeType Memory Corruption", - "dateAdded": "2021-11-03", - "shortDescription": "Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21166", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Heap Buffer Overflow in WebAudio Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-16017", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Site Isolation Component Use-After-Free Remote Code Execution vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-37976", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Information Leakage", - "dateAdded": "2021-11-03", - "shortDescription": "Information disclosure in Google Chrome that exists due to excessive data output in core.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-16009", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 Implementation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30632", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Out-of-bounds write", - "dateAdded": "2021-11-03", - "shortDescription": "Google Chrome out-of-bounds write that allows to execute arbitrary code on the target system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-16013", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 Incorrect Implementation Vulnerabililty", - "dateAdded": "2021-11-03", - "shortDescription": "Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30633", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Google Chrome Use-After-Free vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21148", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 JavaScript Rendering Engine Heap Buffer Overflow Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-37973", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Use-after-free weakness in Portals, Google\u0027s new web page navigation system for Chrome. Successful exploitation can let attackers to execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30551", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 Type Confusion Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-37975", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Google Chrome use-after-free error within the V8 browser engine.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-6418", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 Type Confusion Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30554", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome WebGL Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21206", - "vendorProject": "Google", - "product": "Chromium Blink", - "vulnerabilityName": "Chromium Blink Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-38000", - "vendorProject": "Google", - "product": "Chromium", - "vulnerabilityName": "Google Chromium Improper Input Validation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to navigate to a malicious URL via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-38003", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Google Chromium V8 Engine contains a memory corruption vulnerability due to a bug in JSON.stringify.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21224", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 JavaScript Engine Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21193", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21220", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Chromium V8 Input Validation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-30563", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Browser V8 Arbitrary Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-4430", - "vendorProject": "IBM", - "product": "IBM Data Risk Manager", - "vulnerabilityName": "IBM Data Risk Manager Arbritary File Download", - "dateAdded": "2021-11-03", - "shortDescription": "IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-4427", - "vendorProject": "IBM", - "product": "IBM Data Risk Manager", - "vulnerabilityName": "IBM Data Risk Manager Authentication Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-4428", - "vendorProject": "IBM", - "product": "IBM Data Risk Manager", - "vulnerabilityName": "IBM Data Risk Manager Command Injection", - "dateAdded": "2021-11-03", - "shortDescription": "IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-4716", - "vendorProject": "IBM", - "product": "IBM Planning Analytics", - "vulnerabilityName": "IBM Planning Analytics configuration overwrite vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as \"admin\", and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2016-3715", - "vendorProject": "ImageMagick", - "product": "ImageMagick", - "vulnerabilityName": "ImageMagick Ephemeral Coder Arbitrary File Deletion Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2016-3718", - "vendorProject": "ImageMagick", - "product": "ImageMagick", - "vulnerabilityName": "ImageMagick SSRF Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-15505", - "vendorProject": "Ivanti", - "product": "MobileIron Core \u0026 Connector", - "vulnerabilityName": "MobileIron Core, Connector, Sentry, and RDM Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability that allows remote attackers to execute arbitrary code via unspecified vectors.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-30116", - "vendorProject": "Kaseya", - "product": "Kaseya VSA", - "vulnerabilityName": "Kaseya VSA Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-7961", - "vendorProject": "LifeRay", - "product": "Liferay Portal", - "vulnerabilityName": "Liferay Portal prior to 7.2.1 CE GA2 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-23874", - "vendorProject": "McAfee", - "product": "McAfee Total Protection (MTP)", - "vulnerabilityName": "McAfee Total Protection MTP Arbitrary Process Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-22506", - "vendorProject": "Micro Focus", - "product": "Micro Focus Access Manager", - "vulnerabilityName": "Micro Focus Access Manager Earlier Than 5.0 Information Leakage", - "dateAdded": "2021-11-03", - "shortDescription": "Micro Focus Access Manager versions prior to 5.0 contain a vulnerability which allows for information leakage.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-22502", - "vendorProject": "Micro Focus", - "product": "Micro Focus Operation Bridge Reporter (OBR)", - "vulnerabilityName": "Micro Focus Operation Bridge Report (OBR) Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2014-1812", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Group Policy Privilege Escalation", - "dateAdded": "2021-11-03", - "shortDescription": "Allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka \"Group Policy Preferences Password Elevation of Privilege Vulnerability.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-38647", - "vendorProject": "Microsoft", - "product": "Microsoft Azure Open Management Infrastructure (OMI)", - "vulnerabilityName": "Microsoft Azure Open Management Infrastructure (OMI) Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Azure Open Management Infrastructure Remote Code Execution Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2016-0167", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel \u0027Win32k.sys\u0027 Local Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The kernel-mode driver allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0143 and CVE-2016-0165.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0878", - "vendorProject": "Microsoft", - "product": "Microsoft Edge, Internet Explorer", - "vulnerabilityName": "Microsoft Browser Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-31955", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Information Disclosure Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Kernel Information Disclosure Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-1647", - "vendorProject": "Microsoft", - "product": "Microsoft Defender", - "vulnerabilityName": "Microsoft Defender Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Defender Remote Code Execution Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-33739", - "vendorProject": "Microsoft", - "product": "Microsoft Desktop Window Manager (DWM)", - "vulnerabilityName": "Microsoft DWM Core Library Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2016-0185", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Media Center Remote Code Execution vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Media Center allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka \"Windows Media Center Remote Code Execution Vulnerability.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0683", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Installer Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka \u0027Windows Installer Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-0686.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-17087", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Cryptography Driver Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Kernel Local Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-33742", - "vendorProject": "Microsoft", - "product": "Microsoft MSHTML", - "vulnerabilityName": "Microsoft MSHTML Platform Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft MSHTML Remote Code Execution Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-31199", - "vendorProject": "Microsoft", - "product": "Microsoft Enhanced Cryptographic Provider", - "vulnerabilityName": "Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerabilities", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-31201.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-33771", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Kernel Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-31956", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows NTFS Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows NTFS Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-31201", - "vendorProject": "Microsoft", - "product": "Microsoft Enhanced Cryptographic Provider", - "vulnerabilityName": "Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerabilities", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-31199.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-31979", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Kernel Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-33771, CVE-2021-34514.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-0938", - "vendorProject": "Microsoft", - "product": "Windows, Windows Adobe Type Manager Library", - "vulnerabilityName": "Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. This CVE ID is unique from CVE-2020-1020.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-17144", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft Exchange Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0986", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka \u0027Windows Kernel Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-1020", - "vendorProject": "Microsoft", - "product": "Windows, Windows Adobe Type Manager Library", - "vulnerabilityName": "Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. This CVE ID is unique from CVE-2020-0938.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-38645", - "vendorProject": "Microsoft", - "product": "Microsoft Azure Open Management Infrastructure (OMI)", - "vulnerabilityName": "Microsoft Azure Open Management Infrastructure (OMI) Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Open Management Infrastructure Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-34523", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Server Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2017-7269", - "vendorProject": "Microsoft", - "product": "Internet Information Services (IIS)", - "vulnerabilityName": "Microsft Windows Server 2003 R2 IIS WEBDAV buffer overflow Remote Code Execution vulnerability (COVID-19-CTI list)", - "dateAdded": "2021-11-03", - "shortDescription": "Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with \"If: \u003chttp://\" in a PROPFIND request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-36948", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Update Medic Service Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Update Medic Service Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-38649", - "vendorProject": "Microsoft", - "product": "Microsoft Azure Open Management Infrastructure (OMI)", - "vulnerabilityName": "Microsoft Azure Open Management Infrastructure (OMI) Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Open Management Infrastructure Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-0688", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Key Validation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-0143", - "vendorProject": "Microsoft", - "product": "SMBv1 server", - "vulnerabilityName": "Microsoft Windows SMBv1 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The SMBv1 server allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2016-7255", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Vista, 7, 8.1, 10 and Windows Server 2008, 2012, and 2016 Win32k Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The kernel-mode drivers allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-0708", - "vendorProject": "Microsoft", - "product": "Remote Desktop Services", - "vulnerabilityName": "\"BlueKeep\" Microsoft Windows Remote Desktop Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-34473", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-1464", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Spoofing Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A spoofing vulnerability exists when Windows incorrectly validates file signatures.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-1732", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Win32k Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-1698.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-34527", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "\"PrintNightmare\" - Microsoft Windows Print Spooler Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Print Spooler Remote Code Execution Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-07-20", - "notes": "Reference CISA\u0027s ED 21-04 (https://www.cisa.gov/emergency-directive-21-04) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-31207", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Security Feature Bypass Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Server Security Feature Bypass Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-0803", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Escalation Kernel Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-1040", - "vendorProject": "Microsoft", - "product": "Hyper-V RemoteFX vGPU", - "vulnerabilityName": "Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1041, CVE-2020-1042, CVE-2020-1043.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-28310", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Win32k Privilege Escalation Vulnerability. This CVE ID is unique from CVE-2021-27072.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-1350", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "\"SigRed\" - Microsoft Windows Domain Name System (DNS) Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2020-07-24", - "notes": "Reference CISA\u0027s ED 20-03 (https://www.cisa.gov/emergency-directive-20-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-26411", - "vendorProject": "Microsoft", - "product": "Microsoft Edge, Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer and Edge Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Internet Explorer Memory Corruption Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-0859", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Escalation Kernel Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-40444", - "vendorProject": "Microsoft", - "product": "Microsoft MSHTML", - "vulnerabilityName": "Microsoft Windows, Server (spec. IE) All Arbitrary Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft MSHTML Remote Code Execution Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2017-8759", - "vendorProject": "Microsoft", - "product": "Microsoft .NET Framework", - "vulnerabilityName": ".NET Framework Remote Code Execution vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-8653", - "vendorProject": "Microsoft", - "product": "Internet Explorer Scripting Engine", - "vulnerabilityName": "Microsoft Internet Explorer Scripting Engine JScript Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2018-8643.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-0797", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k.sys Driver Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-0808.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-36942", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Local Security Authority (LSA) Spoofing", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Local Security Authority (LSA) Spoofing Vulnerability \"PetitPotam\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-1215", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Winsock (ws2ifsl.sys) Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka \u0027Windows Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-0798", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office 2007 - 2016 Backdoor Exploitation Chain", - "dateAdded": "2021-11-03", - "shortDescription": "Allows a remote code execution vulnerability due to the way objects are handled in memory, aka \"Microsoft Office Memory Corruption Vulnerability\".", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-0802", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office 2007 - 2016 Backdoor Exploitation Chain", - "dateAdded": "2021-11-03", - "shortDescription": "Allows a remote code execution vulnerability due to the way objects are handled in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2012-0158", - "vendorProject": "Microsoft", - "product": "MSCOMCTL.OCX", - "vulnerabilityName": "Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers \"system state\" corruption, as exploited in the wild in April 2012, aka \"MSCOMCTL.OCX Remote Code Execution Vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2015-1641", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Memory Corruption vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows remote attackers to execute arbitrary code via a crafted RTF document, aka \"Microsoft Office Memory Corruption Vulnerability.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-27085", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Internet Explorer 11 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Internet Explorer Remote Code Execution Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-0541", - "vendorProject": "Microsoft", - "product": "MSHTML engine", - "vulnerabilityName": "Microsoft MSHTML Engine Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input, aka \"MSHTML Engine Remote Code Execution Vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-11882", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office memory corruption vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11884.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0674", - "vendorProject": "Microsoft", - "product": "Internet Explorer Scripting Engine", - "vulnerabilityName": "Internet Explorer 9-11 Scripting Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-27059", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Office Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24108, CVE-2021-27057.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-1367", - "vendorProject": "Microsoft", - "product": "Internet Explorer Scripting Engine", - "vulnerabilityName": "Internet Explorer 9-11 Scripting Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2019-1221.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-0199", - "vendorProject": "Microsoft", - "product": "Windows, Windows Server, Office", - "vulnerabilityName": "Microsoft Office/WordPad Remote Code Execution Vulnerability with Windows API", - "dateAdded": "2021-11-03", - "shortDescription": "Allows remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-1380", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Scripting Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-1555, CVE-2020-1570.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-1429", - "vendorProject": "Microsoft", - "product": "Internet Explorer Scripting Engine", - "vulnerabilityName": "Internet Explorer 9-11 Scripting Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-11774", - "vendorProject": "Microsoft", - "product": "Microsoft Outlook", - "vulnerabilityName": "Microsoft Outlook Security Feature Bypass Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka \"Microsoft Outlook Security Feature Bypass Vulnerability.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0968", - "vendorProject": "Microsoft", - "product": "Internet Explorer Scripting Engine", - "vulnerabilityName": "Internet Explorer Scripting Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2020-0970.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-1472", - "vendorProject": "Microsoft", - "product": "Netlogon Remote Protocol (MS-NRPC)", - "vulnerabilityName": "NetLogon Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka \u0027Netlogon Elevation of Privilege Vulnerability\u0027.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2020-09-21", - "notes": "Reference CISA\u0027s ED 20-03 (https://www.cisa.gov/emergency-directive-20-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-26855", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft OWA Exchange Control Panel (ECP) Exploit Chain", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-16", - "notes": "Reference CISA\u0027s ED 21-02 (https://www.cisa.gov/emergency-directive-21-02) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-26858", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft OWA Exchange Control Panel (ECP) Exploit Chain", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-16", - "notes": "Reference CISA\u0027s ED 21-02 (https://www.cisa.gov/emergency-directive-21-02) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-27065", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft OWA Exchange Control Panel (ECP) Exploit Chain", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-16", - "notes": "Reference CISA\u0027s ED 21-02 (https://www.cisa.gov/emergency-directive-21-02) for further guidance and requirements." - }, - { - "cveID": "CVE-2020-1054", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-1675", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Print Spooler Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Windows Print Spooler Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-34448", - "vendorProject": "Microsoft", - "product": "Scripting Engine", - "vulnerabilityName": "Microsoft Scripting Engine Memory Corruption Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Scripting Engine Memory Corruption Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-0601", - "vendorProject": "Microsoft", - "product": "Windows CryptoAPI", - "vulnerabilityName": "Microsoft Windows 10 API/ECC Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2020-01-29", - "notes": "Reference CISA\u0027s ED 20-02 (https://www.cisa.gov/emergency-directive-20-02) for further guidance and requirements." - }, - { - "cveID": "CVE-2019-0604", - "vendorProject": "Microsoft", - "product": "SharePoint", - "vulnerabilityName": "Microsoft SharePoint Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka \u0027Microsoft SharePoint Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0594.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-0646", - "vendorProject": "Microsoft", - "product": "Microsoft .NET Framework", - "vulnerabilityName": "Microsoft .NET Framework Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka \u0027.NET Framework Remote Code Execution Injection Vulnerability\u0027.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-0808", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows 7 win32k.sys Driver Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-0797.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-26857", - "vendorProject": "Microsoft", - "product": "Microsoft Exchange Server", - "vulnerabilityName": "Microsoft Unified Messaging Deserialization Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-16", - "notes": "Reference CISA\u0027s ED 21-02 (https://www.cisa.gov/emergency-directive-21-02) for further guidance and requirements." - }, - { - "cveID": "CVE-2020-1147", - "vendorProject": "Microsoft", - "product": "Microsoft .NET Framework, Microsoft SharePoint, Visual Studio", - "vulnerabilityName": "Microsoft .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-1214", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka \u0027Windows Common Log File System Driver Elevation of Privilege Vulnerability\u0027.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2016-3235", - "vendorProject": "Microsoft", - "product": "Microsoft Visio/Office", - "vulnerabilityName": "Microsoft Visio/Office OLE DLL Side Loading vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows local users to gain privileges via a crafted application, aka \"Microsoft Office OLE DLL Side Loading Vulnerability.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-0863", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Error Reporting (WER) Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A privilege escalation vulnerability exists in the way Windows Error Reporting (WER) handles files, aka \u0027Windows Error Reporting Elevation of Privilege Vulnerability\u0027.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-36955", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft Windows Common Log File System Driver contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-38648", - "vendorProject": "Microsoft", - "product": "Microsoft Azure Open Management Infrastructure (OMI)", - "vulnerabilityName": "Microsoft Azure Open Management Infrastructure (OMI) Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Open Management Infrastructure Privilege Escalation Vulnerability", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-6819", - "vendorProject": "Mozilla", - "product": "nsDocShell destructor", - "vulnerabilityName": "Mozilla Firefox 74 and Firefox ESR 68.6 nsDocShell vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A race condition can cause a use-after-free when running the nsDocShell destructor. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox \u003c 74.0.1, and Firefox ESR \u003c 68.6.1.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-6820", - "vendorProject": "Mozilla", - "product": "ReadableStream", - "vulnerabilityName": "Mozilla Firefox 74 and Firefox ESR 68.6 ReadableStream vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A race condition can cause a use-after-free when handling a ReadableStream. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox \u003c 74.0.1, and Firefox ESR \u003c 68.6.1.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-17026", - "vendorProject": "Mozilla", - "product": "IonMonkey JIT compiler", - "vulnerabilityName": "Mozilla Firefox IonMonkey JIT compiler Type Confusion Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. This vulnerability affects Firefox ESR \u003c 68.4.1, Thunderbird \u003c 68.4.1, and Firefox \u003c 72.0.1", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-15949", - "vendorProject": "Nagios", - "product": "Nagios XI", - "vulnerabilityName": "Nagios XI Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-26919", - "vendorProject": "Netgear", - "product": "NETGEAR JGS516PE devices", - "vulnerabilityName": "Netgear ProSAFE Plus JGS516PE Remote Code Execution vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-19356", - "vendorProject": "Netis", - "product": "Netis WF2419", - "vulnerabilityName": "Netis WF2419 Router Tracert Remote Code Execution vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-2555", - "vendorProject": "Oracle", - "product": "Oracle Coherence", - "vulnerabilityName": "Oracle Coherence Deserialization Remote Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2012-3152", - "vendorProject": "Oracle", - "product": "Oracle Reports Developer", - "vulnerabilityName": "Oracle Reports Developer Arbitrary File Read and Upload vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-14871", - "vendorProject": "Oracle", - "product": "Oracle Solaris", - "vulnerabilityName": "Oracle Solaris Pluggable Authentication Module vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2015-4852", - "vendorProject": "Oracle", - "product": "Oracle WebLogic Server", - "vulnerabilityName": "Oracle WebLogic Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-14750", - "vendorProject": "Oracle", - "product": "Oracle WebLogic Server", - "vulnerabilityName": "Oracle WebLogic Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-14882", - "vendorProject": "Oracle", - "product": "Oracle WebLogic Server", - "vulnerabilityName": "Oracle WebLogic Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-14883", - "vendorProject": "Oracle", - "product": "Oracle WebLogic Server", - "vulnerabilityName": "Oracle WebLogic Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8644", - "vendorProject": "PlaySMS", - "product": "PlaySMS", - "vulnerabilityName": "PlaySMS Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-18935", - "vendorProject": "Progess", - "product": "ASP.NET AJAX", - "vulnerabilityName": "Progress Telerik UI for ASP.NET deserialization bug", - "dateAdded": "2021-11-03", - "shortDescription": "Contains a .NET deserialization vulnerability in the RadAsyncUpload function that can result in remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-22893", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Vulnerability to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-23", - "notes": "Reference CISA\u0027s ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2020-8243", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure Arbitrary Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the Pulse Connect Secure \u003c 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-23", - "notes": "Reference CISA\u0027s ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-22900", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure Arbitrary File Upload Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-23", - "notes": "Reference CISA\u0027s ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-22894", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure Collaboration Suite Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-23", - "notes": "Reference CISA\u0027s ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2020-8260", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the Pulse Connect Secure \u003c 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-23", - "notes": "Reference CISA\u0027s ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2021-22899", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-23", - "notes": "Reference CISA\u0027s ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2019-11510", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure VPN Arbitrary File Reading Vulnerability (COVID-19-CTI List)", - "dateAdded": "2021-11-03", - "shortDescription": "An unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-04-23", - "notes": "Reference CISA\u0027s ED 21-03 (https://www.cisa.gov/emergency-directive-21-03) for further guidance and requirements." - }, - { - "cveID": "CVE-2019-11539", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure, Policy Secure", - "vulnerabilityName": "Pulse Connect Secure and Policy Secure Multiple Versions Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Pulse Secure\u0027s Connect and Policy secure platforms contain a vulnerability in the admin web interface which allows an attacker to inject and execute commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-1906", - "vendorProject": "Qualcomm", - "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables", - "vulnerabilityName": "Qualcomm Improper Error Handling Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Improper handling of address deregistration on failure can lead to new GPU address allocation failure.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-1905", - "vendorProject": "Qualcomm", - "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables", - "vulnerabilityName": "Qualcomm Use-After-Free Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Possible use after free due to improper handling of memory mapping of multiple processes simultaneously", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-10221", - "vendorProject": "rConfig", - "product": "rConfig", - "vulnerabilityName": "rConfig Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-35395", - "vendorProject": "Realtek", - "product": "Jungle Software Development Kit (SDK)", - "vulnerabilityName": "Realtek SDK Arbitrary Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "Realtek Jungle SDK version v2.x up to v3.4.14B arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2017-16651", - "vendorProject": "Roundcube", - "product": "Roundcube Webmail", - "vulnerabilityName": "Roundcube Webmail File Disclosure Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows unauthorized access to arbitrary files on the host\u0027s filesystem, including configuration files. The issue is related to file-based attachment plugins and _task=settings\u0026_action=upload-display\u0026_from=timezone requests.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-11652", - "vendorProject": "SaltStack", - "product": "Salt", - "vulnerabilityName": "SaltStack directory traversal failure to sanitize untrusted input", - "dateAdded": "2021-11-03", - "shortDescription": "The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-11651", - "vendorProject": "SaltStack", - "product": "Salt", - "vulnerabilityName": "SaltStack Salt Authentication Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-16846", - "vendorProject": "SaltStack", - "product": "Salt", - "vulnerabilityName": "SaltStack Through 3002 Shell Injection Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-2380", - "vendorProject": "SAP", - "product": "SAP CRM", - "vulnerabilityName": "SAP NetWeaver AS JAVA CRM Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \"traverse to parent directory\" are passed through to the file APIs.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2010-5326", - "vendorProject": "SAP", - "product": "SAP NetWeaver Application Server Java platforms", - "vulnerabilityName": "SAP NetWeaver AS JAVA Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2016-9563", - "vendorProject": "SAP", - "product": "SAP NetWeaver AS JAVA", - "vulnerabilityName": "SAP NetWeaver AS JAVA XXE Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-6287", - "vendorProject": "SAP", - "product": "SAP NetWeaver AS JAVA (LM Configuration Wizard)", - "vulnerabilityName": "SAP Netweaver JAVA remote unauthenticated access vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-6207", - "vendorProject": "SAP", - "product": "SAP Solution Manager (User Experience Monitoring)", - "vulnerabilityName": "SAP Solution Manager Missing Authentication Check Complete Compromise of SMD Agents vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2016-3976", - "vendorProject": "SAP", - "product": "SAP NetWeaver AS Java", - "vulnerabilityName": "SAP NetWeaver AS Java 7.1 - 7.5 Directory Traversal Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-16256", - "vendorProject": "SIMalliance", - "product": "SIMalliance Toolbox (S@T) Browser", - "vulnerabilityName": "SIMalliance Toolbox (S@T) Browser Command and Control Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-10148", - "vendorProject": "SolarWinds", - "product": "SolarWinds Orion Platform", - "vulnerabilityName": "SolarWinds Orion API Authentication Bypass Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-35211", - "vendorProject": "SolarWinds", - "product": "SolarWinds nServ-U", - "vulnerabilityName": "SolarWinds Serv-U Remote Memory Escape Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2016-3643", - "vendorProject": "SolarWinds", - "product": "SolarWinds Virtualization Manager", - "vulnerabilityName": "SolarWinds Virtualization Manager Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by \"sudo cat /etc/passwd.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-10199", - "vendorProject": "Sonatype", - "product": "Sonatype Nexus Repository", - "vulnerabilityName": "Nexus Repository Manager 3 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-20021", - "vendorProject": "SonicWall", - "product": "SonicWall Email Security", - "vulnerabilityName": "SonicWall Email Security Privilege Escalation Exploit Chain", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2019-7481", - "vendorProject": "SonicWall", - "product": "SMA100", - "vulnerabilityName": "SonicWall SMA100 9.0.0.3 and Earlier SQL Injection", - "dateAdded": "2021-11-03", - "shortDescription": "Vulnerability in SonicWall SMA100 versions 9.0.0.3 and earlier allow an unauthenticated user to gain read-only access to unauthorized resources.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-20022", - "vendorProject": "SonicWall", - "product": "SonicWall Email Security", - "vulnerabilityName": "SonicWall Email Security Privilege Escalation Exploit Chain", - "dateAdded": "2021-11-03", - "shortDescription": "SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-20023", - "vendorProject": "SonicWall", - "product": "SonicWall Email Security", - "vulnerabilityName": "SonicWall Email Security Privilege Escalation Exploit Chain", - "dateAdded": "2021-11-03", - "shortDescription": "SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-20016", - "vendorProject": "SonicWall", - "product": "SonicWall SSLVPN SMA100", - "vulnerabilityName": "SonicWall SSL VPN SMA100 SQL Injection Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information in SMA100 build version 10.x.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-12271", - "vendorProject": "Sophos", - "product": "Sophos XG Firewall devices", - "vulnerabilityName": "Sophos XG Firewall SQL Injection Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A SQL injection issue that causes affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-10181", - "vendorProject": "Sumavision", - "product": "Sumavision Enhanced Multimedia Router (EMR)", - "vulnerabilityName": "Sumavision EMR 3.0 CSRF Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user\u003c*1*\u003eadministrator\u003c*1*\u003e123456 request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-6327", - "vendorProject": "Symantec", - "product": "Symantec Messaging Gateway", - "vulnerabilityName": "Symantec Messaging Gateway Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-18988", - "vendorProject": "TeamViewer", - "product": "TeamViewer Desktop", - "vulnerabilityName": "TeamViewer Desktop Bypass Remote Login", - "dateAdded": "2021-11-03", - "shortDescription": "Allows a bypass of remote-login access control because the same key is used for different customers\u0027 installations.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2017-9248", - "vendorProject": "Telerik", - "product": "ASP.NET AJAX and Sitefinity", - "vulnerabilityName": "Telerik UI for ASP.NET AJAX and Progress Sitefinity Cryptographic Weakness Vuln", - "dateAdded": "2021-11-03", - "shortDescription": "Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-31755", - "vendorProject": "Tenda", - "product": "Tenda AC11 devices", - "vulnerabilityName": "Tenda AC11 Up to 02.03.01.104_CN Stack Buffer Overflow", - "dateAdded": "2021-11-03", - "shortDescription": "Tenda AC11 devices with firmware through 02.03.01.104_CN contain a stack buffer overflow vulnerability in /goform/setmac which allows for arbitrary execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-10987", - "vendorProject": "Tenda", - "product": "Tenda AC15 AC1900", - "vulnerabilityName": "Tenda Router Code Execution", - "dateAdded": "2021-11-03", - "shortDescription": "The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-14558", - "vendorProject": "Tenda", - "product": "Tenda AC7, AC9, and AC10 devices", - "vulnerabilityName": "Tenda Router Command Injection Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Issue on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the \"formsetUsbUnload\" function executes a dosystemCmd function with untrusted input.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2018-20062", - "vendorProject": "ThinkPHP", - "product": "NoneCms", - "vulnerabilityName": "ThinkPHP Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Issue in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\\think\\Request/input\u0026filter=phpinfo\u0026data=1 query string.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-9082", - "vendorProject": "ThinkPHP", - "product": "ThinkPHP", - "vulnerabilityName": "ThinkPHP Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\\think\\app/invokefunction\u0026function=call_user_func_array\u0026vars[0]=system\u0026vars[1][]= followed by the command.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-18187", - "vendorProject": "Trend Micro", - "product": "Trend Micro OfficeScan", - "vulnerabilityName": "Trend Micro Antivirus 0day Traversal Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8467", - "vendorProject": "Trend Micro", - "product": "Trend Micro Apex One and OfficeScan XG", - "vulnerabilityName": "Trend Micro Apex One (2019) and OfficeScan XG migration tool remote code execution vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8468", - "vendorProject": "Trend Micro", - "product": "Trend Micro Apex One, OfficeScan XG and Worry-Free Business Security", - "vulnerabilityName": "Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agent content validation escape vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-24557", - "vendorProject": "Trend Micro", - "product": "Trend Micro Apex One and Worry-Free Business Security", - "vulnerabilityName": "Trend Micro Apex One and OfficeScan XG Improper Access Control Privilege Escalation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-8599", - "vendorProject": "Trend Micro", - "product": "Trend Micro Apex One and OfficeScan XG server", - "vulnerabilityName": "Trend Micro Apex One and OfficeScan XG Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-36742", - "vendorProject": "Trend Micro", - "product": "Trend Micro Multiple Products", - "vulnerabilityName": "Trend Micro Systems Multiple Products Improper Input Validation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security allows a local attacker to escalate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US" - }, - { - "cveID": "CVE-2021-36741", - "vendorProject": "Trend Micro", - "product": "Trend Micro Multiple Products", - "vulnerabilityName": "Trend Micro Systems Multiple Products Improper Input Validation Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security allows for upload of arbitrary files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US" - }, - { - "cveID": "CVE-2019-20085", - "vendorProject": "TVT", - "product": "NVMS-1000", - "vulnerabilityName": "TVT NVMS-1000 Directory Traversal", - "dateAdded": "2021-11-03", - "shortDescription": "TVT NVMS-1000 devices allow GET /.. Directory Traversal", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-5849", - "vendorProject": "Unraid", - "product": "Unraid", - "vulnerabilityName": "Unraid 6.8.0 Authentication Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "Unraid 6.8.0 allows authentication bypass.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-5847", - "vendorProject": "Unraid", - "product": "Unraid", - "vulnerabilityName": "Unraid 6.8.0 Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Unraid through 6.8.0 allows Remote Code Execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-16759", - "vendorProject": "vBulletin", - "product": "vBulletin", - "vulnerabilityName": "vBulletin PHP Module Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-17496", - "vendorProject": "vBulletin", - "product": "vBulletin", - "vulnerabilityName": "vBulletin PHP Module Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-5544", - "vendorProject": "VMware", - "product": "ESXi, Horizon DaaS Appliances", - "vulnerabilityName": "VMware ESXi/Horizon DaaS Appliances Heap-Overwrite Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "OpenSLP as used in ESXi and the Horizon DaaS appliances have a heap overwrite issue. A malicious actor with network access to port 427 on an ESXi host or on any Horizon DaaS management appliance may be able to overwrite the heap of the OpenSLP service resulting in remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-3992", - "vendorProject": "VMware", - "product": "ESXi", - "vulnerabilityName": "OpenSLP as used in VMware ESXi", - "dateAdded": "2021-11-03", - "shortDescription": "OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-3950", - "vendorProject": "VMware", - "product": "VMware Fusion, VMware Remote Console for Mac, and Horizon Client for Mac", - "vulnerabilityName": "VMware Privilege escalation vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Privilege escalation vulnerability due to improper use of setuid binaries.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-22005", - "vendorProject": "VMware", - "product": "vCenter Server", - "vulnerabilityName": "VMware vCenter Server File Upload", - "dateAdded": "2021-11-03", - "shortDescription": "VMware vCenter Server file upload vulnerability in the VMware-analytics service that allows to execute code on vCenter Server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-3952", - "vendorProject": "VMware", - "product": "vCenter Server", - "vulnerabilityName": "VMware vCenter Server Info Disclosure Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-21972", - "vendorProject": "VMware", - "product": "vCenter Server", - "vulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-21985", - "vendorProject": "VMware", - "product": "vCenter Server", - "vulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-4006", - "vendorProject": "VMware", - "product": "VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector", - "vulnerabilityName": "VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector Command Injection vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-25213", - "vendorProject": "WordPress", - "product": "File Manager", - "vulnerabilityName": "WordPress File Manager Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-11738", - "vendorProject": "WordPress", - "product": "Snap Creek Duplicator", - "vulnerabilityName": "WordPress Snap Creek Duplicator and Duplicator Pro plugins Directory Traversal", - "dateAdded": "2021-11-03", - "shortDescription": "The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-9978", - "vendorProject": "WordPress", - "product": "Social-Warfare", - "vulnerabilityName": "WordPress Social-Warfare plugin XSS", - "dateAdded": "2021-11-03", - "shortDescription": "The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-27561", - "vendorProject": "Yealink", - "product": "Device Management Platform", - "vulnerabilityName": "Yealink Device Management Server Pre-Authorization SSRF", - "dateAdded": "2021-11-03", - "shortDescription": "Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2021-40539", - "vendorProject": "Zoho", - "product": "ManageEngine ADSelfServicePlus", - "vulnerabilityName": "Zoho Corp. ManageEngine ADSelfService Plus Version 6113 and Earlier Authentication Bypass", - "dateAdded": "2021-11-03", - "shortDescription": "Zoho ManageEngine ADSelfService Plus versions 6113 and earlier contain an authentication bypass vulnerability which allows for Remote Code Execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-11-17", - "notes": "" - }, - { - "cveID": "CVE-2020-10189", - "vendorProject": "Zoho", - "product": "ManageEngine Desktop Central", - "vulnerabilityName": "Zoho ManageEngine Desktop Central Remote Code Execution Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2019-8394", - "vendorProject": "Zoho", - "product": "ManageEngine ServiceDesk Plus (SDP)", - "vulnerabilityName": "Zoho ManageEngine ServiceDesk Plus Arbitrary File Upload Vulnerability", - "dateAdded": "2021-11-03", - "shortDescription": "Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2020-29583", - "vendorProject": "Zyxel", - "product": "Unified Security Gateway (USG)", - "vulnerabilityName": "Zyxel Unified Security Gateway Undocumented Administrator Account with Default Credentials", - "dateAdded": "2021-11-03", - "shortDescription": "Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-03", - "notes": "" - }, - { - "cveID": "CVE-2021-22204", - "vendorProject": "Perl", - "product": "Exiftool", - "vulnerabilityName": "ExifTool Remote Code Execution Vulnerability", - "dateAdded": "2021-11-17", - "shortDescription": "Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-01", - "notes": "" - }, - { - "cveID": "CVE-2021-40449", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Win32k Privilege Escalation Vulnerability", - "dateAdded": "2021-11-17", - "shortDescription": "Unspecified vulnerability allows for an authenticated user to escalate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-01", - "notes": "" - }, - { - "cveID": "CVE-2021-42321", - "vendorProject": "Microsoft", - "product": "Exchange", - "vulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability", - "dateAdded": "2021-11-17", - "shortDescription": "An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-01", - "notes": "" - }, - { - "cveID": "CVE-2021-42292", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Excel Security Feature Bypass", - "dateAdded": "2021-11-17", - "shortDescription": "A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-01", - "notes": "" - }, - { - "cveID": "CVE-2020-11261", - "vendorProject": "Qualcomm", - "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables", - "vulnerabilityName": "Qualcomm Multiple Chipsets Improper Input Validation Vulnerability", - "dateAdded": "2021-12-01", - "shortDescription": "Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-01", - "notes": "" - }, - { - "cveID": "CVE-2018-14847", - "vendorProject": "MikroTik", - "product": "RouterOS", - "vulnerabilityName": "MikroTik Router OS Directory Traversal Vulnerability", - "dateAdded": "2021-12-01", - "shortDescription": "MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-01", - "notes": "" - }, - { - "cveID": "CVE-2021-37415", - "vendorProject": "Zoho", - "product": "ManageEngine ServiceDesk Plus (SDP)", - "vulnerabilityName": "Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability", - "dateAdded": "2021-12-01", - "shortDescription": "Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-15", - "notes": "" - }, - { - "cveID": "CVE-2021-40438", - "vendorProject": "Apache", - "product": "Apache", - "vulnerabilityName": "Apache HTTP Server-Side Request Forgery (SSRF)", - "dateAdded": "2021-12-01", - "shortDescription": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-15", - "notes": "" - }, - { - "cveID": "CVE-2021-44077", - "vendorProject": "Zoho", - "product": "ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus", - "vulnerabilityName": "Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability", - "dateAdded": "2021-12-01", - "shortDescription": "Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-15", - "notes": "" - }, - { - "cveID": "CVE-2021-44515", - "vendorProject": "Zoho", - "product": "Desktop Central", - "vulnerabilityName": "Zoho Desktop Central Authentication Bypass Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-24", - "notes": "" - }, - { - "cveID": "CVE-2019-13272", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Improper Privilege Management Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability which allows local users to obtain root access.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2021-35394", - "vendorProject": "Realtek", - "product": "Jungle Software Development Kit (SDK)", - "vulnerabilityName": "Realtek Jungle SDK Remote Code Execution Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-24", - "notes": "" - }, - { - "cveID": "CVE-2019-7238", - "vendorProject": "Sonatype", - "product": "Nexus Repository Manager", - "vulnerabilityName": "Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2019-0193", - "vendorProject": "Apache", - "product": "Solr", - "vulnerabilityName": "Apache Solr DataImportHandler Code Injection Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "The optional Apache Solr module DataImportHandler contains a code injection vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2021-44168", - "vendorProject": "Fortinet", - "product": "FortiOS", - "vulnerabilityName": "Fortinet FortiOS Arbitrary File Download", - "dateAdded": "2021-12-10", - "shortDescription": "Fortinet FortiOS \"execute restore src-vis\" downloads code without integrity checking, allowing an attacker to arbitrarily download files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-24", - "notes": "" - }, - { - "cveID": "CVE-2017-17562", - "vendorProject": "Embedthis", - "product": "GoAhead", - "vulnerabilityName": "Embedthis GoAhead Remote Code Execution Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2017-12149", - "vendorProject": "Red Hat", - "product": "JBoss Application Server", - "vulnerabilityName": "Red Hat JBoss Application Server Remote Code Execution Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2010-1871", - "vendorProject": "Red Hat", - "product": "JBoss Seam 2", - "vulnerabilityName": "Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2020-17463", - "vendorProject": "Fuel CMS", - "product": "", - "vulnerabilityName": "Fuel CMS SQL Injection Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2020-8816", - "vendorProject": "Pi-hole", - "product": "AdminLTE", - "vulnerabilityName": "Pi-Hole AdminLTE Remote Code Execution Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2019-10758", - "vendorProject": "MongoDB", - "product": "mongo-express", - "vulnerabilityName": "MongoDB mongo-express Remote Code Execution Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-10", - "notes": "" - }, - { - "cveID": "CVE-2021-44228", - "vendorProject": "Apache", - "product": "Log4j2", - "vulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability", - "dateAdded": "2021-12-10", - "shortDescription": "Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.", - "requiredAction": "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.", - "dueDate": "2021-12-24", - "notes": "" - }, - { - "cveID": "CVE-2021-43890", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows AppX Installer Spoofing Vulnerability", - "dateAdded": "2021-12-15", - "shortDescription": "Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-29", - "notes": "" - }, - { - "cveID": "CVE-2021-4102", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Use-After-Free Vulnerability", - "dateAdded": "2021-12-15", - "shortDescription": "Google Chromium V8 Engine contains a use-after-free vulnerability which can allow a remote attacker to execute arbitrary code on the target system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2021-12-29", - "notes": "" - }, - { - "cveID": "CVE-2021-22017", - "vendorProject": "VMware", - "product": "vCenter Server", - "vulnerabilityName": "VMware vCenter Server Improper Access Control", - "dateAdded": "2022-01-10", - "shortDescription": "Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-01-24", - "notes": "" - }, - { - "cveID": "CVE-2021-36260", - "vendorProject": "Hikvision", - "product": "Security cameras web server", - "vulnerabilityName": "Hikvision Improper Input Validation", - "dateAdded": "2022-01-10", - "shortDescription": "A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-01-24", - "notes": "" - }, - { - "cveID": "CVE-2020-6572", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Prior to 81.0.4044.92 Use-After-Free Vulnerability", - "dateAdded": "2022-01-10", - "shortDescription": "Use-after-free vulnerability in Media in Google Chrome prior to 81.0.4044.92 allowed a Remote attacker to execute arbitrary code via a crafted HTML page.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2019-1458", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-01-10", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k EoP.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2013-3900", - "vendorProject": "Microsoft", - "product": "WinVerifyTrust function", - "vulnerabilityName": "Microsoft WinVerifyTrust function Remote Code Execution", - "dateAdded": "2022-01-10", - "shortDescription": "A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2019-2725", - "vendorProject": "Oracle", - "product": "WebLogic Server", - "vulnerabilityName": "Oracle WebLogic Server, Injection", - "dateAdded": "2022-01-10", - "shortDescription": "Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2019-9670", - "vendorProject": "Synacor", - "product": "Zimbra Collaboration (ZCS)", - "vulnerabilityName": "Synacor Zimbra Collaboration (ZCS) Improper Restriction of XML External Entity Reference", - "dateAdded": "2022-01-10", - "shortDescription": "Improper Restriction of XML External Entity Reference vulnerability affecting Synacor Zimbra Collaboration (ZCS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2018-13382", - "vendorProject": "Fortinet", - "product": "FortiOS and FortiProxy", - "vulnerabilityName": "Fortinet FortiOS and FortiProxy Improper Authorization", - "dateAdded": "2022-01-10", - "shortDescription": "An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2018-13383", - "vendorProject": "Fortinet", - "product": "FortiOS and FortiProxy", - "vulnerabilityName": "Fortinet FortiOS and FortiProxy Out-of-bounds Write", - "dateAdded": "2022-01-10", - "shortDescription": "A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2019-1579", - "vendorProject": "Palo Alto Networks", - "product": "PAN-OS", - "vulnerabilityName": "Palo Alto Networks PAN-OS Remote Code Execution Vulnerability", - "dateAdded": "2022-01-10", - "shortDescription": "Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2019-10149", - "vendorProject": "Exim", - "product": "Mail Transfer Agent (MTA)", - "vulnerabilityName": "Exim Mail Transfer Agent (MTA) Improper Input Validation", - "dateAdded": "2022-01-10", - "shortDescription": "Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2015-7450", - "vendorProject": "IBM", - "product": "WebSphere Application Server and Server Hypervisor Edition", - "vulnerabilityName": "IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.", - "dateAdded": "2022-01-10", - "shortDescription": "Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2017-1000486", - "vendorProject": "Primetek", - "product": "Primefaces Application", - "vulnerabilityName": "Primetek Primefaces Remote Code Execution Vulnerability", - "dateAdded": "2022-01-10", - "shortDescription": "Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2019-7609", - "vendorProject": "Elastic", - "product": "Kibana", - "vulnerabilityName": "Kibana Arbitrary Code Execution", - "dateAdded": "2022-01-10", - "shortDescription": "Kibana contain an arbitrary code execution flaw in the Timelion visualizer.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-10", - "notes": "" - }, - { - "cveID": "CVE-2021-27860", - "vendorProject": "FatPipe", - "product": "WARP, IPVPN, and MPVPN software", - "vulnerabilityName": "FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit", - "dateAdded": "2022-01-10", - "shortDescription": "A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-01-24", - "notes": "" - }, - { - "cveID": "CVE-2021-32648", - "vendorProject": "October CMS", - "product": "October CMS", - "vulnerabilityName": "October CMS Improper Authentication", - "dateAdded": "2022-01-18", - "shortDescription": "In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-25296", - "vendorProject": "Nagios", - "product": "Nagios XI", - "vulnerabilityName": "Nagios XI OS Command Injection", - "dateAdded": "2022-01-18", - "shortDescription": "Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-25297", - "vendorProject": "Nagios", - "product": "Nagios XI", - "vulnerabilityName": "Nagios XI OS Command Injection", - "dateAdded": "2022-01-18", - "shortDescription": "Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-25298", - "vendorProject": "Nagios", - "product": "Nagios XI", - "vulnerabilityName": "Nagios XI OS Command Injection", - "dateAdded": "2022-01-18", - "shortDescription": "Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-40870", - "vendorProject": "Aviatrix", - "product": "Aviatrix Controller", - "vulnerabilityName": "Aviatrix Controller Unrestricted Upload of File", - "dateAdded": "2022-01-18", - "shortDescription": "Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-33766", - "vendorProject": "Microsoft", - "product": "Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Information Disclosure", - "dateAdded": "2022-01-18", - "shortDescription": "Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-21975", - "vendorProject": "VMware", - "product": "vRealize Operations Manager API", - "vulnerabilityName": "VMware Server Side Request Forgery in vRealize Operations Manager API", - "dateAdded": "2022-01-18", - "shortDescription": "Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-21315", - "vendorProject": "Npm package", - "product": "System Information Library for Node.JS", - "vulnerabilityName": "System Information Library for Node.JS Command Injection", - "dateAdded": "2022-01-18", - "shortDescription": "In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2021-22991", - "vendorProject": "F5", - "product": "BIG-IP Traffic Management Microkernel", - "vulnerabilityName": "F5 BIG-IP Traffic Management Microkernel Buffer Overflow", - "dateAdded": "2022-01-18", - "shortDescription": "The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-01", - "notes": "" - }, - { - "cveID": "CVE-2020-14864", - "vendorProject": "Oracle", - "product": "Intelligence Enterprise Edition", - "vulnerabilityName": "Oracle Business Intelligence Enterprise Edition Path Transversal", - "dateAdded": "2022-01-18", - "shortDescription": "Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2020-13671", - "vendorProject": "Drupal", - "product": "Drupal core", - "vulnerabilityName": "Drupal core Un-restricted Upload of File", - "dateAdded": "2022-01-18", - "shortDescription": "Improper sanitization in the extension file names is present in Drupal core.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2020-11978", - "vendorProject": "Apache", - "product": "Airflow", - "vulnerabilityName": "Apache Airflow Command Injection", - "dateAdded": "2022-01-18", - "shortDescription": "A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2020-13927", - "vendorProject": "Apache", - "product": "Airflow\u0027s Experimental API", - "vulnerabilityName": "Apache Airflow\u0027s Experimental API Authentication Bypass", - "dateAdded": "2022-01-18", - "shortDescription": "The previous default setting for Airflow\u0027s Experimental API was to allow all API requests without authentication.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2006-1547", - "vendorProject": "Apache", - "product": "Struts 1", - "vulnerabilityName": "Apache Struts 1 ActionForm Denial-of-Service Vulnerability", - "dateAdded": "2022-01-21", - "shortDescription": "ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability which allows for denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-21", - "notes": "" - }, - { - "cveID": "CVE-2012-0391", - "vendorProject": "Apache", - "product": "Struts 2", - "vulnerabilityName": "Apache Struts 2 Improper Input Validation Vulnerability", - "dateAdded": "2022-01-21", - "shortDescription": "The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-21", - "notes": "" - }, - { - "cveID": "CVE-2018-8453", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-01-21", - "shortDescription": "Microsoft Windows Win32k contains a vulnerability which allows an attacker to escalate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-21", - "notes": "" - }, - { - "cveID": "CVE-2021-35247", - "vendorProject": "SolarWinds", - "product": "Serv-U", - "vulnerabilityName": "SolarWinds Serv-U Improper Input Validation Vulnerability", - "dateAdded": "2022-01-21", - "shortDescription": "SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability which allows attackers to build and send queries without sanitization.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-04", - "notes": "" - }, - { - "cveID": "CVE-2022-22587", - "vendorProject": "Apple", - "product": "iOS and macOS", - "vulnerabilityName": "Apple Memory Corruption Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-11", - "notes": "" - }, - { - "cveID": "CVE-2021-20038", - "vendorProject": "SonicWall", - "product": "SMA 100 Appliances", - "vulnerabilityName": "SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-11", - "notes": "" - }, - { - "cveID": "CVE-2020-5722", - "vendorProject": "Grandstream", - "product": "UCM6200", - "vulnerabilityName": "Grandstream Networks UCM6200 Series SQL Injection Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-28", - "notes": "" - }, - { - "cveID": "CVE-2020-0787", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-28", - "notes": "" - }, - { - "cveID": "CVE-2017-5689", - "vendorProject": "Intel", - "product": "Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability", - "vulnerabilityName": "Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "Intel products contain a vulnerability which can allow attackers to perform privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-28", - "notes": "" - }, - { - "cveID": "CVE-2014-1776", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-28", - "notes": "https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-021?redirectedfrom=MSDN" - }, - { - "cveID": "CVE-2014-6271", - "vendorProject": "GNU", - "product": "Bourne-Again Shell (Bash)", - "vulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-28", - "notes": "" - }, - { - "cveID": "CVE-2014-7169", - "vendorProject": "GNU", - "product": "Bourne-Again Shell (Bash)", - "vulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-01-28", - "shortDescription": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-28", - "notes": "" - }, - { - "cveID": "CVE-2022-21882", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-02-04", - "shortDescription": "Microsoft Win32k contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-18", - "notes": "" - }, - { - "cveID": "CVE-2021-36934", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows SAM Local Privilege Escalation Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-24", - "notes": "" - }, - { - "cveID": "CVE-2020-0796", - "vendorProject": "Microsoft", - "product": "SMBv3", - "vulnerabilityName": "Microsoft SMBv3 Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2018-1000861", - "vendorProject": "Jenkins", - "product": "Jenkins Stapler Web Framework", - "vulnerabilityName": "Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "A code execution vulnerability exists in the Stapler web framework used by Jenkins", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2017-9791", - "vendorProject": "Apache", - "product": "Struts 1", - "vulnerabilityName": "Apache Struts 1 Improper Input Validation Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2017-8464", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2017-10271", - "vendorProject": "Oracle", - "product": "WebLogic Server", - "vulnerabilityName": "Oracle Corporation WebLogic Server Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2017-0263", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2017-0262", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Office.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2017-0145", - "vendorProject": "Microsoft", - "product": "SMBv1", - "vulnerabilityName": "Microsoft SMBv1 Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2017-0144", - "vendorProject": "Microsoft", - "product": "SMBv1", - "vulnerabilityName": "Microsoft SMBv1 Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2016-3088", - "vendorProject": "Apache", - "product": "ActiveMQ", - "vulnerabilityName": "Apache ActiveMQ Improper Input Validation Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2015-2051", - "vendorProject": "D-Link", - "product": "DIR-645 Router", - "vulnerabilityName": "D-Link DIR-645 Router Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2015-1635", - "vendorProject": "Microsoft", - "product": "HTTP.sys", - "vulnerabilityName": "Microsoft HTTP.sys Remote Code Execution Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2015-1130", - "vendorProject": "Apple", - "product": "OS X", - "vulnerabilityName": "Apple OS X Authentication Bypass Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2014-4404", - "vendorProject": "Apple", - "product": "OS X", - "vulnerabilityName": "Apple OS X Heap-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-02-10", - "shortDescription": "Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-10", - "notes": "" - }, - { - "cveID": "CVE-2022-22620", - "vendorProject": "Apple", - "product": "Webkit", - "vulnerabilityName": "Apple Webkit Remote Code Execution Vulnerability", - "dateAdded": "2022-02-11", - "shortDescription": "Apple Webkit, which impacts iOS, iPadOS, and macOS, contains a vulnerability which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-02-25", - "notes": "" - }, - { - "cveID": "CVE-2022-24086", - "vendorProject": "Adobe", - "product": "Commerce and Magento Open Source", - "vulnerabilityName": "Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-01", - "notes": "" - }, - { - "cveID": "CVE-2022-0609", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Use-After-Free Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "The vulnerability exists due to a use-after-free error within the Animation component in Google Chrome.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-01", - "notes": "" - }, - { - "cveID": "CVE-2019-0752", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Type Confusion Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-15", - "notes": "" - }, - { - "cveID": "CVE-2018-8174", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \"Windows VBScript Engine Remote Code Execution\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-15", - "notes": "" - }, - { - "cveID": "CVE-2018-20250", - "vendorProject": "RARLAB", - "product": "WinRAR", - "vulnerabilityName": "WinRAR Absolute Path Traversal Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-15", - "notes": "" - }, - { - "cveID": "CVE-2018-15982", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-08-15", - "notes": "" - }, - { - "cveID": "CVE-2017-9841", - "vendorProject": "PHPUnit", - "product": "PHPUnit", - "vulnerabilityName": "PHPUnit Command Injection Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a \"\u003c?php \" substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-15", - "notes": "" - }, - { - "cveID": "CVE-2014-1761", - "vendorProject": "Microsoft", - "product": "Word", - "vulnerabilityName": "Microsoft Word Memory Corruption Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-15", - "notes": "" - }, - { - "cveID": "CVE-2013-3906", - "vendorProject": "Microsoft", - "product": "Graphics Component", - "vulnerabilityName": "Microsoft Graphics Component Memory Corruption Vulnerability", - "dateAdded": "2022-02-15", - "shortDescription": "Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-15", - "notes": "" - }, - { - "cveID": "CVE-2022-23131", - "vendorProject": "Zabbix", - "product": "Frontend", - "vulnerabilityName": "Zabbix Frontend Authentication Bypass Vulnerability", - "dateAdded": "2022-02-22", - "shortDescription": "Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-08", - "notes": "" - }, - { - "cveID": "CVE-2022-23134", - "vendorProject": "Zabbix", - "product": "Frontend", - "vulnerabilityName": "Zabbix Frontend Improper Access Control Vulnerability", - "dateAdded": "2022-02-22", - "shortDescription": "Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-08", - "notes": "" - }, - { - "cveID": "CVE-2022-24682", - "vendorProject": "Zimbra", - "product": "Webmail", - "vulnerabilityName": "Zimbra Webmail Cross-Site Scripting Vulnerability", - "dateAdded": "2022-02-25", - "shortDescription": "Zimbra webmail clients running versions 8.8.15 P29 \u0026 P30 contain a XSS vulnerability that would allow attackers to steal session cookie files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-11", - "notes": "" - }, - { - "cveID": "CVE-2017-8570", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability", - "dateAdded": "2022-02-25", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-25", - "notes": "" - }, - { - "cveID": "CVE-2017-0222", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Remote Code Execution Vulnerability", - "dateAdded": "2022-02-25", - "shortDescription": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-25", - "notes": "" - }, - { - "cveID": "CVE-2014-6352", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Code Injection Vulnerability", - "dateAdded": "2022-02-25", - "shortDescription": "Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-25", - "notes": "" - }, - { - "cveID": "CVE-2022-20708", - "vendorProject": "Cisco", - "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", - "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2022-20703", - "vendorProject": "Cisco", - "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", - "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2022-20701", - "vendorProject": "Cisco", - "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", - "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2022-20700", - "vendorProject": "Cisco", - "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", - "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2022-20699", - "vendorProject": "Cisco", - "product": "Small Business RV160, RV260, RV340, and RV345 Series Routers", - "vulnerabilityName": "Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2021-41379", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Installer Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft Windows Installer contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2020-1938", - "vendorProject": "Apache", - "product": "Tomcat", - "vulnerabilityName": "Apache Tomcat Improper Privilege Management Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2020-11899", - "vendorProject": "Treck TCP/IP stack", - "product": "IPv6", - "vulnerabilityName": "Treck TCP/IP stack Out-of-Bounds Read Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2019-16928", - "vendorProject": "Exim", - "product": "Exim Internet Mailer", - "vulnerabilityName": "Exim Out-of-bounds Write Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2019-1652", - "vendorProject": "Cisco", - "product": "Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers", - "vulnerabilityName": "Cisco Small Business Routers Improper Input Validation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2019-1297", - "vendorProject": "Microsoft", - "product": "Excel", - "vulnerabilityName": "Microsoft Excel Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-8581", - "vendorProject": "Microsoft", - "product": "Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-8298", - "vendorProject": "ChakraCore", - "product": "ChakraCore scripting engine", - "vulnerabilityName": "ChakraCore Scripting Engine Type Confusion Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0180", - "vendorProject": "Cisco", - "product": "IOS Software", - "vulnerabilityName": "Cisco IOS Software Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0179", - "vendorProject": "Cisco", - "product": "IOS Software", - "vulnerabilityName": "Cisco IOS Software Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0175", - "vendorProject": "Cisco", - "product": "IOS, XR, and XE Software", - "vulnerabilityName": "Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0174", - "vendorProject": "Cisco", - "product": "IOS XE Software", - "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0173", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software Improper Input Validation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0172", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software Improper Input Validation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0167", - "vendorProject": "Cisco", - "product": "IOS, XR, and XE Software", - "vulnerabilityName": "Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0161", - "vendorProject": "Cisco", - "product": "IOS Software", - "vulnerabilityName": "Cisco IOS Software Resource Management Errors Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0159", - "vendorProject": "CIsco", - "product": "IOS Software and Cisco IOS XE Software", - "vulnerabilityName": "Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0158", - "vendorProject": "Cisco", - "product": "IOS Software and Cisco IOS XE Software", - "vulnerabilityName": "Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0156", - "vendorProject": "Cisco", - "product": "IOS Software and Cisco IOS XE Software", - "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0155", - "vendorProject": "Cisco", - "product": "Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches", - "vulnerabilityName": "Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0154", - "vendorProject": "Cisco", - "product": "IOS Software", - "vulnerabilityName": "Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2018-0151", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-17", - "notes": "" - }, - { - "cveID": "CVE-2017-8540", - "vendorProject": "Microsoft", - "product": "Malware Protection Engine", - "vulnerabilityName": "Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka \"Microsoft Malware Protection Engine Remote Code Execution Vulnerability\".", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6744", - "vendorProject": "Cisco", - "product": "IOS software", - "vulnerabilityName": "Cisco IOS Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6743", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6740", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6739", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6738", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6737", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6736", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6663", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-6627", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12319", - "vendorProject": "Cisco", - "product": "IOS XE Software", - "vulnerabilityName": "Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12240", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12238", - "vendorProject": "Cisco", - "product": "Catalyst 6800 Series Switches", - "vulnerabilityName": "Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12237", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12235", - "vendorProject": "Cisco", - "product": "IOS software", - "vulnerabilityName": "Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12234", - "vendorProject": "Cisco", - "product": "IOS software", - "vulnerabilityName": "Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12233", - "vendorProject": "Cisco", - "product": "IOS software", - "vulnerabilityName": "Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12232", - "vendorProject": "Cisco", - "product": "IOS software", - "vulnerabilityName": "Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-12231", - "vendorProject": "Cisco", - "product": "IOS software", - "vulnerabilityName": "Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-11826", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-11292", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Type Confusion Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-0261", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Use-After-Free Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2017-0001", - "vendorProject": "Microsoft", - "product": "Graphics Device Interface (GDI)", - "vulnerabilityName": "Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-8562", - "vendorProject": "Siemens", - "product": "SIMATIC CP", - "vulnerabilityName": "Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-7855", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-7262", - "vendorProject": "Microsoft", - "product": "Excel", - "vulnerabilityName": "Microsoft Office Security Feature Bypass Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-7193", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Memory Corruption Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-5195", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Race Condition Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-4117", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-1019", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2016-0099", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-7645", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-5119", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-4902", - "vendorProject": "Oracle", - "product": "Java SE", - "vulnerabilityName": "Oracle Java SE Integrity Check Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via unknown vectors related to deployment.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-3043", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-2590", - "vendorProject": "Oracle", - "product": "Java SE", - "vulnerabilityName": "Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-2545", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Malformed EPS File Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-2424", - "vendorProject": "Microsoft", - "product": "PowerPoint", - "vulnerabilityName": "Microsoft PowerPoint Memory Corruption Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-2387", - "vendorProject": "Microsoft", - "product": "ATM Font Driver", - "vulnerabilityName": "Microsoft ATM Font Driver Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-1701", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2015-1642", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Memory Corruption Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft Office contains a memory corruption vulnerability which allows remote attackers to execute arbitrary code via a crafted document.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2014-4114", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Object Linking \u0026 Embedding (OLE) Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A vulnerability exists in Windows Object Linking \u0026 Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2014-0496", - "vendorProject": "Adobe", - "product": "Reader and Acrobat", - "vulnerabilityName": "Adobe Reader and Acrobat Use-After-Free Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-5065", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-3897", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A use-after-free vulnerability exists within CDisplayPointer in Microsoft Internet Explorer that allows an attacker to remotely execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-3346", - "vendorProject": "Adobe", - "product": "Reader and Acrobat", - "vulnerabilityName": "Adobe Reader and Acrobat Memory Corruption Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-1675", - "vendorProject": "Mozilla", - "product": "Firefox", - "vulnerabilityName": "Mozilla Firefox Information Disclosure Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-1347", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-0641", - "vendorProject": "Adobe", - "product": "Reader", - "vulnerabilityName": "Adobe Reader Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-0640", - "vendorProject": "Adobe", - "product": "Reader and Acrobat", - "vulnerabilityName": "Adobe Reader and Acrobat Memory Corruption Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2013-0632", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Authentication Bypass Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2012-4681", - "vendorProject": "Oracle", - "product": "Java SE", - "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2012-1856", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2012-1723", - "vendorProject": "Oracle", - "product": "Java SE", - "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2012-1535", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2012-0507", - "vendorProject": "Oracle", - "product": "Java SE", - "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An incorrect type vulnerability exists in the Concurrency component of Oracle\u0027s Java Runtime Environment allows an attacker to remotely execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2011-3544", - "vendorProject": "Oracle", - "product": "Java SE JDK and JRE", - "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle\u0027s Java Runtime Environment allows an attacker to remotely execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2011-1889", - "vendorProject": "Microsoft", - "product": "Forefront Threat Management Gateway (TMG)", - "vulnerabilityName": "Microsoft Forefront TMG Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A remote code execution vulnerability exists in the Forefront Threat Management Gateway (TMG) Firewall Client Winsock provider that could allow code execution in the security context of the client application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2011-0611", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Remote Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Adobe Flash Player contains a vulnerability which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2010-3333", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2010-0232", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Exception Handler Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2010-0188", - "vendorProject": "Adobe", - "product": "Reader and Acrobat", - "vulnerabilityName": "Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2009-3129", - "vendorProject": "Microsoft", - "product": "Excel", - "vulnerabilityName": "Microsoft Excel Featheader Record Memory Corruption Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2009-1123", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Improper Input Validation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2008-3431", - "vendorProject": "Oracle", - "product": "VirtualBox", - "vulnerabilityName": "Oracle VirtualBox Insufficient Input Validation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2008-2992", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Reader and Acrobat Input Validation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2004-0210", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2002-0367", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", - "dateAdded": "2022-03-03", - "shortDescription": "smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-24", - "notes": "" - }, - { - "cveID": "CVE-2022-26486", - "vendorProject": "Mozilla", - "product": "Firefox", - "vulnerabilityName": "Mozilla Firefox Use-After-Free Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-21", - "notes": "" - }, - { - "cveID": "CVE-2022-26485", - "vendorProject": "Mozilla", - "product": "Firefox", - "vulnerabilityName": "Mozilla Firefox Use-After-Free Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-21", - "notes": "" - }, - { - "cveID": "CVE-2021-21973", - "vendorProject": "VMware", - "product": "vCenter Server and Cloud Foundation", - "vulnerabilityName": "VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-03-21", - "notes": "" - }, - { - "cveID": "CVE-2020-8218", - "vendorProject": "Pulse Secure", - "product": "Pulse Connect Secure", - "vulnerabilityName": "Pulse Connect Secure Code Injection Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2019-11581", - "vendorProject": "Atlassian", - "product": "Jira Server and Data Center", - "vulnerabilityName": "Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2017-6077", - "vendorProject": "NETGEAR", - "product": "Wireless Router DGN2200", - "vulnerabilityName": "NETGEAR DGN2200 Remote Code Execution Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "NETGEAR DGN2200 wireless routers contain a vulnerability which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2016-6277", - "vendorProject": "NETGEAR", - "product": "Multiple Routers", - "vulnerabilityName": "NETGEAR Multiple Routers Remote Code Execution Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2013-0631", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Information Disclosure Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2013-0629", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Directory Traversal Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2013-0625", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Authentication Bypass Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2009-3960", - "vendorProject": "Adobe", - "product": "BlazeDS", - "vulnerabilityName": "Adobe BlazeDS Information Disclosure Vulnerability", - "dateAdded": "2022-03-07", - "shortDescription": "Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability which allows for information disclosure.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-07", - "notes": "" - }, - { - "cveID": "CVE-2020-5135", - "vendorProject": "SonicWall", - "product": "SonicOS", - "vulnerabilityName": "SonicWall SonicOS Buffer Overflow Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1405", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1322", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1315", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1253", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1132", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1129", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1069", - "vendorProject": "Microsoft", - "product": "Task Scheduler", - "vulnerabilityName": "Microsoft Task Scheduler Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-1064", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-0841", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2019-0543", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2018-8120", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2017-0101", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Transaction Manager Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2016-3309", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2015-2546", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Memory Corruption Vulnerability", - "dateAdded": "2022-03-15", - "shortDescription": "The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-05", - "notes": "" - }, - { - "cveID": "CVE-2022-26318", - "vendorProject": "WatchGuard", - "product": "Firebox and XTM Appliances", - "vulnerabilityName": "WatchGuard Firebox and XTM Appliances Arbitrary Code Execution", - "dateAdded": "2022-03-25", - "shortDescription": "On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2022-26143", - "vendorProject": "Mitel", - "product": "MiCollab, MiVoice Business Express", - "vulnerabilityName": "MiCollab, MiVoice Business Express Access Control Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2022-21999", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2021-42237", - "vendorProject": "Sitecore", - "product": "XP", - "vulnerabilityName": "Sitecore XP Remote Command Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Sitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2021-22941", - "vendorProject": "Citrix", - "product": "ShareFile", - "vulnerabilityName": "Citrix ShareFile Improper Access Control Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-9377", - "vendorProject": "D-Link", - "product": "DIR-610 Devices", - "vulnerabilityName": "D-Link DIR-610 Devices Remote Command Execution", - "dateAdded": "2022-03-25", - "shortDescription": "D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-9054", - "vendorProject": "Zyxel", - "product": "Multiple Network-Attached Storage (NAS) Devices", - "vulnerabilityName": "Zyxel Multiple NAS Devices OS Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-7247", - "vendorProject": "OpenBSD", - "product": "OpenSMTPD", - "vulnerabilityName": "OpenSMTPD Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-5410", - "vendorProject": "VMware Tanzu", - "product": "Spring Cloud Configuration (Config) Server", - "vulnerabilityName": "VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability which allows applications to serve arbitrary configuration files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-25223", - "vendorProject": "Sophos", - "product": "SG UTM", - "vulnerabilityName": "Sophos SG UTM Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-2506", - "vendorProject": "QNAP Systems", - "product": "Helpdesk", - "vulnerabilityName": "QNAP Helpdesk Improper Access Control Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-2021", - "vendorProject": "Palo Alto Networks", - "product": "PAN-OS", - "vulnerabilityName": "Palo Alto Networks PAN-OS Authentication Bypass Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-1956", - "vendorProject": "Apache", - "product": "Kylin", - "vulnerabilityName": "Apache Kylin OS Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2020-1631", - "vendorProject": "Juniper", - "product": "Junos OS", - "vulnerabilityName": "Juniper Junos OS Path Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-6340", - "vendorProject": "Drupal", - "product": "Core", - "vulnerabilityName": "Drupal Core Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-2616", - "vendorProject": "Oracle", - "product": "BI Publisher (Formerly XML Publisher)", - "vulnerabilityName": "Oracle BI Publisher Unauthorized Access Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability which allows for various unauthorized actions. Open-source reporting attributes this vulnerability to allowing for authentication bypass.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-16920", - "vendorProject": "D-Link", - "product": "Multiple Routers", - "vulnerabilityName": "D-Link Multiple Routers Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-15107", - "vendorProject": "Webmin", - "product": "Webmin", - "vulnerabilityName": "Webmin Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-12991", - "vendorProject": "Citrix", - "product": "SD-WAN and NetScaler", - "vulnerabilityName": "Citrix SD-WAN and NetScaler Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-12989", - "vendorProject": "Citrix", - "product": "SD-WAN and NetScaler", - "vulnerabilityName": "Citrix SD-WAN and NetScaler SQL Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-11043", - "vendorProject": "PHP", - "product": "FastCGI Process Manager (FPM)", - "vulnerabilityName": "PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-10068", - "vendorProject": "Kentico", - "product": "Xperience", - "vulnerabilityName": "Kentico Xperience Deserialization of Untrusted Data Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Kentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-1003030", - "vendorProject": "Jenkins", - "product": "Matrix Project Plugin", - "vulnerabilityName": "Jenkins Matrix Project Plugin Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2019-0903", - "vendorProject": "Microsoft", - "product": "Graphics Device Interface (GDI)", - "vulnerabilityName": "Microsoft GDI Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-8414", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Shell Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-8373", - "vendorProject": "Microsoft", - "product": "Internet Explorer Scripting Engine", - "vulnerabilityName": "Microsoft Scripting Engine Memory Corruption Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-6961", - "vendorProject": "VMware", - "product": "SD-WAN Edge", - "vulnerabilityName": "VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-14839", - "vendorProject": "LG", - "product": "N1A1 NAS", - "vulnerabilityName": "LG N1A1 NAS Remote Command Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "LG N1A1 NAS 3718.510 is affected by a remote code execution vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-1273", - "vendorProject": "VMware Tanzu", - "product": "Spring Data Commons", - "vulnerabilityName": "VMware Tanzu Spring Data Commons Property Binder Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-11138", - "vendorProject": "Quest", - "product": "KACE System Management Appliance", - "vulnerabilityName": "Quest KACE System Management Appliance Remote Command Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "The \u0027/common/download_agent_installer.php\u0027 script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-0147", - "vendorProject": "Cisco", - "product": "Secure Access Control System (ACS)", - "vulnerabilityName": "Cisco Secure Access Control System Java Deserialization Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2018-0125", - "vendorProject": "Cisco", - "product": "VPN Routers", - "vulnerabilityName": "Cisco VPN Routers Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2017-6334", - "vendorProject": "NETGEAR", - "product": "DGN2200 Devices", - "vulnerabilityName": "NETGEAR DGN2200 Devices OS Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2017-6316", - "vendorProject": "Citrix", - "product": "NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server", - "vulnerabilityName": "Citrix Multiple Products Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2017-3881", - "vendorProject": "Cisco", - "product": "IOS and IOS XE", - "vulnerabilityName": "Cisco IOS and IOS XE Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2017-12617", - "vendorProject": "Apache", - "product": "Tomcat", - "vulnerabilityName": "Apache Tomcat Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2017-12615", - "vendorProject": "Apache", - "product": "Tomcat", - "vulnerabilityName": "Apache Tomcat on Windows Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2017-0146", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows SMB Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2016-7892", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2016-4171", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Unspecified vulnerability in Adobe Flash Player allows for remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2016-1555", - "vendorProject": "NETGEAR", - "product": "Wireless Access Point (WAP) Devices", - "vulnerabilityName": "NETGEAR Multiple WAP Devices Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2016-11021", - "vendorProject": "D-Link", - "product": "DCS-930L Devices", - "vulnerabilityName": "D-Link DCS-930L Devices OS Command Injection Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2016-10174", - "vendorProject": "NETGEAR", - "product": "WNR2000v5 Router", - "vulnerabilityName": "NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2016-0752", - "vendorProject": "Rails", - "product": "Ruby on Rails", - "vulnerabilityName": "Ruby on Rails Directory Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2015-4068", - "vendorProject": "Arcserve", - "product": "Unified Data Protection (UDP)", - "vulnerabilityName": "Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a denial of service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2015-3035", - "vendorProject": "TP-Link", - "product": "Multiple Archer Devices", - "vulnerabilityName": "TP-Link Multiple Archer Devices Directory Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2015-1427", - "vendorProject": "Elastic", - "product": "Elasticsearch", - "vulnerabilityName": "Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2015-1187", - "vendorProject": "D-Link and TRENDnet", - "product": "Multiple Devices", - "vulnerabilityName": "D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2015-0666", - "vendorProject": "Cisco", - "product": "Prime Data Center Network Manager (DCNM)", - "vulnerabilityName": "Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2014-6332", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Object Linking \u0026 Embedding (OLE) Automation Array Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2014-6324", - "vendorProject": "Microsoft", - "product": "Kerberos Key Distribution Center (KDC)", - "vulnerabilityName": "Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2014-6287", - "vendorProject": "Rejetto", - "product": "HTTP File Server (HFS)", - "vulnerabilityName": "Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2014-3120", - "vendorProject": "Elastic", - "product": "Elasticsearch", - "vulnerabilityName": "Elasticsearch Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2014-0130", - "vendorProject": "Rails", - "product": "Ruby on Rails", - "vulnerabilityName": "Ruby on Rails Directory Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2013-5223", - "vendorProject": "D-Link", - "product": "DSL-2760U", - "vulnerabilityName": "D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2013-4810", - "vendorProject": "Hewlett Packard (HP)", - "product": "ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management", - "vulnerabilityName": "HP Multiple Products Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2013-2251", - "vendorProject": "Apache", - "product": "Struts", - "vulnerabilityName": "Apache Struts Improper Input Validation Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2012-1823", - "vendorProject": "PHP", - "product": "PHP", - "vulnerabilityName": "PHP-CGI Query String Parameter Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2010-4345", - "vendorProject": "Exim", - "product": "Exim", - "vulnerabilityName": "Exim Privilege Escalation Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2010-4344", - "vendorProject": "Exim", - "product": "Exim", - "vulnerabilityName": "Exim Heap-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2010-3035", - "vendorProject": "Cisco", - "product": "IOS XR", - "vulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2010-2861", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Directory Traversal Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2009-2055", - "vendorProject": "Cisco", - "product": "IOS XR", - "vulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2009-1151", - "vendorProject": "phpMyAdmin", - "product": "phpMyAdmin", - "vulnerabilityName": "phpMyAdmin Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2009-0927", - "vendorProject": "Adobe", - "product": "Reader and Acrobat", - "vulnerabilityName": "Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2005-2773", - "vendorProject": "Hewlett Packard (HP)", - "product": "OpenView Network Node Manager", - "vulnerabilityName": "HP OpenView Network Node Manager Remote Code Execution Vulnerability", - "dateAdded": "2022-03-25", - "shortDescription": "HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-15", - "notes": "" - }, - { - "cveID": "CVE-2022-1096", - "vendorProject": "Google", - "product": "Chromium V8", - "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The vulnerability exists due to a type confusion error within the V8 component in Chromium, affecting all Chromium-based browsers.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2022-0543", - "vendorProject": "Redis", - "product": "Debian-specific Redis Servers", - "vulnerabilityName": "Debian-specific Redis Server Lua Sandbox Escape Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Redis is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2021-38646", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Microsoft Office Access Connectivity Engine contains an unspecified vulnerability which can allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2021-34486", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Event Tracing Privilege Escalation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2021-26085", - "vendorProject": "Atlassian", - "product": "Confluence Server", - "vulnerabilityName": "Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2021-20028", - "vendorProject": "SonicWall", - "product": "Secure Remote Access (SRA)", - "vulnerabilityName": "SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2019-7483", - "vendorProject": "SonicWall", - "product": "SMA100", - "vulnerabilityName": "SonicWall SMA100 Directory Traversal Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2018-8440", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2018-8406", - "vendorProject": "Microsoft", - "product": "DirectX Graphics Kernel (DXGKRNL)", - "vulnerabilityName": "Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2018-8405", - "vendorProject": "Microsoft", - "product": "DirectX Graphics Kernel (DXGKRNL)", - "vulnerabilityName": "Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2017-0213", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2017-0059", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2017-0037", - "vendorProject": "Microsoft", - "product": "Edge and Internet Explorer", - "vulnerabilityName": "Microsoft Edge and Internet Explorer Type Confusion Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2016-7201", - "vendorProject": "Microsoft", - "product": "Edge", - "vulnerabilityName": "Microsoft Edge Memory Corruption Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2016-7200", - "vendorProject": "Microsoft", - "product": "Edge", - "vulnerabilityName": "Microsoft Edge Memory Corruption Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2016-0189", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2016-0151", - "vendorProject": "Microsoft", - "product": "Client-Server Run-time Subsystem (CSRSS)", - "vulnerabilityName": "Microsoft Windows CSRSS Security Feature Bypass Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2016-0040", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2015-2426", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2015-2419", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2015-1770", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Uninitialized Memory Use Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2013-3660", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2013-2729", - "vendorProject": "Adobe", - "product": "Reader and Acrobat", - "vulnerabilityName": "Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Integer overflow vulnerability in Adobe Reader and Acrobat allows attackers to execute remote code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2013-2551", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2013-2465", - "vendorProject": "Oracle", - "product": "Java SE", - "vulnerabilityName": "Oracle Java SE Unspecified Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2013-1690", - "vendorProject": "Mozilla", - "product": "Firefox and Thunderbird", - "vulnerabilityName": "Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service or possibly execute arbitrary code via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2012-5076", - "vendorProject": "Oracle", - "product": "Java SE", - "vulnerabilityName": "Oracle Java SE Sandbox Bypass Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2012-2539", - "vendorProject": "Microsoft", - "product": "Word", - "vulnerabilityName": "Microsoft Word Remote Code Execution Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Microsoft Word allows attackers to execute remote code or cause a denial-of-service via crafted RTF data.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2012-2034", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Adobe Flash Player contains a memory corruption vulnerability which allows for remote code execution or denial-of-service.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2012-0518", - "vendorProject": "Oracle", - "product": "Fusion Middleware", - "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2011-2005", - "vendorProject": "Microsoft", - "product": "Ancillary Function Driver (afd.sys)", - "vulnerabilityName": "Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-18", - "notes": "" - }, - { - "cveID": "CVE-2010-4398", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-03-28", - "shortDescription": "Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2022-26871", - "vendorProject": "Trend Micro", - "product": "Apex Central", - "vulnerabilityName": "Trend Micro Apex Central Arbitrary File Upload Vulnerability", - "dateAdded": "2022-03-31", - "shortDescription": "An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2022-1040", - "vendorProject": "Sophos", - "product": "Firewall", - "vulnerabilityName": "Sophos Firewall Authentication Bypass Vulnerability", - "dateAdded": "2022-03-31", - "shortDescription": "An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2021-34484", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability", - "dateAdded": "2022-03-31", - "shortDescription": "Microsoft Windows User Profile Service contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2021-28799", - "vendorProject": "QNAP", - "product": "Network Attached Storage (NAS)", - "vulnerabilityName": "QNAP NAS Improper Authorization Vulnerability", - "dateAdded": "2022-03-31", - "shortDescription": "QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2021-21551", - "vendorProject": "Dell", - "product": "dbutil Driver", - "vulnerabilityName": "Dell dbutil Driver Insufficient Access Control Vulnerability", - "dateAdded": "2022-03-31", - "shortDescription": "Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service, or information disclosure.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2018-10562", - "vendorProject": "Dasan", - "product": "Gigabit Passive Optical Network (GPON) Routers", - "vulnerabilityName": "Dasan GPON Routers Command Injection Vulnerability", - "dateAdded": "2022-03-31", - "shortDescription": "Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2018-10561", - "vendorProject": "Dasan", - "product": "Gigabit Passive Optical Network (GPON) Routers", - "vulnerabilityName": "Dasan GPON Routers Authentication Bypass Vulnerability", - "dateAdded": "2022-03-31", - "shortDescription": "Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-21", - "notes": "" - }, - { - "cveID": "CVE-2022-22965", - "vendorProject": "VMware", - "product": "Spring Framework", - "vulnerabilityName": "Spring Framework JDK 9+ Remote Code Execution Vulnerability", - "dateAdded": "2022-04-04", - "shortDescription": "Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-25", - "notes": "" - }, - { - "cveID": "CVE-2022-22675", - "vendorProject": "Apple", - "product": "macOS", - "vulnerabilityName": "Apple macOS Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-04-04", - "shortDescription": "macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-25", - "notes": "" - }, - { - "cveID": "CVE-2022-22674", - "vendorProject": "Apple", - "product": "macOS", - "vulnerabilityName": "Apple macOS Out-of-Bounds Read Vulnerability", - "dateAdded": "2022-04-04", - "shortDescription": "macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-25", - "notes": "" - }, - { - "cveID": "CVE-2021-45382", - "vendorProject": "D-Link", - "product": "Multiple Routers", - "vulnerabilityName": "D-Link Multiple Routers Remote Code Execution Vulnerability", - "dateAdded": "2022-04-04", - "shortDescription": "A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-04-25", - "notes": "" - }, - { - "cveID": "CVE-2021-3156", - "vendorProject": "Sudo", - "product": "Sudo", - "vulnerabilityName": "Sudo Heap-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-04-06", - "shortDescription": "Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-27", - "notes": "" - }, - { - "cveID": "CVE-2021-31166", - "vendorProject": "Microsoft", - "product": "HTTP Protocol Stack", - "vulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability", - "dateAdded": "2022-04-06", - "shortDescription": "Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-27", - "notes": "" - }, - { - "cveID": "CVE-2017-0148", - "vendorProject": "Microsoft", - "product": "SMBv1 server", - "vulnerabilityName": "Microsoft SMBv1 Server Remote Code Execution Vulnerability", - "dateAdded": "2022-04-06", - "shortDescription": "The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-04-27", - "notes": "" - }, - { - "cveID": "CVE-2022-23176", - "vendorProject": "WatchGuard", - "product": "Firebox and XTM", - "vulnerabilityName": "WatchGuard Firebox and XTM Privilege Escalation Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2021-42287", - "vendorProject": "Microsoft", - "product": "Active Directory", - "vulnerabilityName": "Microsoft Active Directory Domain Services Privilege Escalation Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "Microsoft Active Directory Domain Services contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2021-42278", - "vendorProject": "Microsoft", - "product": "Active Directory", - "vulnerabilityName": "Microsoft Active Directory Domain Services Privilege Escalation Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "Microsoft Active Directory Domain Services contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2021-39793", - "vendorProject": "Google", - "product": "Pixel", - "vulnerabilityName": "Google Pixel Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2021-27852", - "vendorProject": "Checkbox", - "product": "Checkbox Survey", - "vulnerabilityName": "Checkbox Survey Deserialization of Untrusted Data Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.", - "requiredAction": "Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2021-22600", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service or possibly for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2020-2509", - "vendorProject": "QNAP", - "product": "QNAP Network-Attached Storage (NAS)", - "vulnerabilityName": "QNAP Network-Attached Storage (NAS) Command Injection Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2017-11317", - "vendorProject": "Telerik", - "product": "User Interface (UI) for ASP.NET AJAX", - "vulnerabilityName": "Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability", - "dateAdded": "2022-04-11", - "shortDescription": "Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-02", - "notes": "" - }, - { - "cveID": "CVE-2022-24521", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows CLFS Driver Privilege Escalation Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2018-7602", - "vendorProject": "Drupal", - "product": "Core", - "vulnerabilityName": "Drupal Core Remote Code Execution Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2018-20753", - "vendorProject": "Kaseya", - "product": "Virtual System/Server Administrator (VSA)", - "vulnerabilityName": "Kaseya VSA Remote Code Execution Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2015-5123", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2015-5122", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2015-3113", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Heap-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2015-2502", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability which allows an attacker to execute code or cause a denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2015-0313", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2015-0311", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Remote Code Execution Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2014-9163", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Stack-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-04-13", - "shortDescription": "Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-04", - "notes": "" - }, - { - "cveID": "CVE-2022-22954", - "vendorProject": "VMware", - "product": "Workspace ONE Access and Identity Manager", - "vulnerabilityName": "VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability", - "dateAdded": "2022-04-14", - "shortDescription": "VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-05", - "notes": "" - }, - { - "cveID": "CVE-2022-22960", - "vendorProject": "VMware", - "product": "Multiple Products", - "vulnerabilityName": "VMware Multiple Products Privilege Escalation Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2022-1364", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "Google Chromium V8 engine contains a type confusion vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2019-3929", - "vendorProject": "Crestron", - "product": "Multiple Products", - "vulnerabilityName": "Crestron Multiple Products Command Injection Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2019-16057", - "vendorProject": "D-Link", - "product": "DNS-320 Storage Device", - "vulnerabilityName": "D-Link DNS-320 Remote Code Execution Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2018-7841", - "vendorProject": "Schneider Electric", - "product": "U.motion Builder", - "vulnerabilityName": "Schneider Electric U.motion Builder SQL Injection Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2016-4523", - "vendorProject": "Trihedral", - "product": "VTScada (formerly VTS)", - "vulnerabilityName": "Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2014-0780", - "vendorProject": "InduSoft", - "product": "Web Studio", - "vulnerabilityName": "InduSoft Web Studio NTWebServer Directory Traversal Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "InduSoft Web Studio NTWebServer contains a directory traversal vulnerability which allows remote attackers to read administrative passwords in APP files, allowing for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2010-5330", - "vendorProject": "Ubiquiti", - "product": "AirOS", - "vulnerabilityName": "Ubiquiti AirOS Command Injection Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2007-3010", - "vendorProject": "Alcatel", - "product": "OmniPCX Enterprise", - "vulnerabilityName": "Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability", - "dateAdded": "2022-04-15", - "shortDescription": "masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-06", - "notes": "" - }, - { - "cveID": "CVE-2018-6882", - "vendorProject": "Zimbra", - "product": "Collaboration Suite (ZCS)", - "vulnerabilityName": "Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability", - "dateAdded": "2022-04-19", - "shortDescription": "Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-10", - "notes": "" - }, - { - "cveID": "CVE-2019-3568", - "vendorProject": "Meta Platforms", - "product": "WhatsApp", - "vulnerabilityName": "WhatsApp VOIP Stack Buffer Overflow Vulnerability", - "dateAdded": "2022-04-19", - "shortDescription": "A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-10", - "notes": "" - }, - { - "cveID": "CVE-2022-22718", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability", - "dateAdded": "2022-04-19", - "shortDescription": "Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-10", - "notes": "" - }, - { - "cveID": "CVE-2022-29464", - "vendorProject": "WSO2", - "product": "Multiple Products", - "vulnerabilityName": "WSO2 Multiple Products Unrestrictive Upload of File Vulnerability", - "dateAdded": "2022-04-25", - "shortDescription": "Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-16", - "notes": "" - }, - { - "cveID": "CVE-2022-26904", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability", - "dateAdded": "2022-04-25", - "shortDescription": "Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-16", - "notes": "" - }, - { - "cveID": "CVE-2022-21919", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability", - "dateAdded": "2022-04-25", - "shortDescription": "Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-16", - "notes": "" - }, - { - "cveID": "CVE-2022-0847", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-04-25", - "shortDescription": "Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of \"Dirty Pipe.\"", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-16", - "notes": "" - }, - { - "cveID": "CVE-2021-41357", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-04-25", - "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-16", - "notes": "" - }, - { - "cveID": "CVE-2021-40450", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-04-25", - "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-16", - "notes": "" - }, - { - "cveID": "CVE-2019-1003029", - "vendorProject": "Jenkins", - "product": "Script Security Plugin", - "vulnerabilityName": "Jenkins Script Security Plugin Sandbox Bypass Vulnerability", - "dateAdded": "2022-04-25", - "shortDescription": "Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-16", - "notes": "" - }, - { - "cveID": "CVE-2021-1789", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Type Confusion Vulnerability", - "dateAdded": "2022-05-04", - "shortDescription": "A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-25", - "notes": "" - }, - { - "cveID": "CVE-2019-8506", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Type Confusion Vulnerability", - "dateAdded": "2022-05-04", - "shortDescription": "A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-25", - "notes": "" - }, - { - "cveID": "CVE-2014-4113", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-05-04", - "shortDescription": "Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-25", - "notes": "" - }, - { - "cveID": "CVE-2014-0322", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", - "dateAdded": "2022-05-04", - "shortDescription": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-25", - "notes": "" - }, - { - "cveID": "CVE-2014-0160", - "vendorProject": "OpenSSL", - "product": "OpenSSL", - "vulnerabilityName": "OpenSSL Information Disclosure Vulnerability", - "dateAdded": "2022-05-04", - "shortDescription": "The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-25", - "notes": "" - }, - { - "cveID": "CVE-2022-1388", - "vendorProject": "F5", - "product": "BIG-IP", - "vulnerabilityName": "F5 BIG-IP Missing Authentication Vulnerability", - "dateAdded": "2022-05-10", - "shortDescription": "F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-05-31", - "notes": "" - }, - { - "cveID": "CVE-2022-30525", - "vendorProject": "Zyxel", - "product": "Multiple Firewalls", - "vulnerabilityName": "Zyxel Multiple Firewalls OS Command Injection Vulnerability", - "dateAdded": "2022-05-16", - "shortDescription": "A command injection vulnerability in the CGI program of some Zyxel firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-06", - "notes": "" - }, - { - "cveID": "CVE-2022-22947", - "vendorProject": "VMware", - "product": "Spring Cloud Gateway", - "vulnerabilityName": "VMware Spring Cloud Gateway Code Injection Vulnerability", - "dateAdded": "2022-05-16", - "shortDescription": "Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-06", - "notes": "" - }, - { - "cveID": "CVE-2022-20821", - "vendorProject": "Cisco", - "product": "IOS XR", - "vulnerabilityName": "Cisco IOS XR Open Port Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2021-1048", - "vendorProject": "Android", - "product": "Kernel", - "vulnerabilityName": "Android Kernel Use-After-Free Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Android kernel contains a use-after-free vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2021-0920", - "vendorProject": "Android", - "product": "Kernel", - "vulnerabilityName": "Android Kernel Race Condition Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2021-30883", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2020-1027", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2020-0638", - "vendorProject": "Microsoft", - "product": "Update Notification Manager", - "vulnerabilityName": "Microsoft Update Notification Manager Privilege Escalation Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-7286", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-7287", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Memory Corruption Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-0676", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could test for the presence of files on disk.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-5786", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Use-After-Free Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Google Chrome contains a heap use-after-free vulnerability which allows an attacker to potentially perform out of bounds memory access.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-0703", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows SMB Information Disclosure Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-0880", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-13720", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Use-After-Free Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Use-after-free in WebAudio in Google Chrome allows a remote attacker to potentially exploit heap corruption.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-11707", - "vendorProject": "Mozilla", - "product": "Firefox and Thunderbird", - "vulnerabilityName": "Mozilla Firefox and Thunderbird Type Confusion Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-11708", - "vendorProject": "Mozilla", - "product": "Firefox and Thunderbird", - "vulnerabilityName": "Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-8720", - "vendorProject": "WebKitGTK", - "product": "WebKitGTK", - "vulnerabilityName": "WebKitGTK Memory Corruption Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-18426", - "vendorProject": "Meta Platforms", - "product": "WhatsApp", - "vulnerabilityName": "WhatsApp Cross-Site Scripting Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-1385", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2019-1130", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2018-5002", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2018-8589", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-05-23", - "shortDescription": "A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-13", - "notes": "" - }, - { - "cveID": "CVE-2018-8611", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2018-19953", - "vendorProject": "QNAP", - "product": "Network Attached Storage (NAS)", - "vulnerabilityName": "QNAP NAS File Station Cross-Site Scripting Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2018-19949", - "vendorProject": "QNAP", - "product": "Network Attached Storage (NAS)", - "vulnerabilityName": "QNAP NAS File Station Command Injection Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2018-19943", - "vendorProject": "QNAP", - "product": "Network Attached Storage (NAS)", - "vulnerabilityName": "QNAP NAS File Station Cross-Site Scripting Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-0147", - "vendorProject": "Microsoft", - "product": "SMBv1 server", - "vulnerabilityName": "Microsoft Windows SMBv1 Information Disclosure Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-0022", - "vendorProject": "Microsoft", - "product": "XML Core Services", - "vulnerabilityName": "Microsoft XML Core Services Information Disclosure Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-0005", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-0149", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "Microsoft Internet Explorer allows remote attackers to execute code or cause a denial-of-service (memory corruption) via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-0210", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Privilege Escalation Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-8291", - "vendorProject": "Artifex", - "product": "Ghostscript", - "vulnerabilityName": "Artifex Ghostscript Type Confusion Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a \"/OutputFile.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-8543", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Search Remote Code Execution Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2017-18362", - "vendorProject": "Kaseya", - "product": "Virtual System/Server Administrator (VSA)", - "vulnerabilityName": "Kaseya VSA SQL Injection Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-0162", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user\u0027s computer.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-3351", - "vendorProject": "Microsoft", - "product": "Internet Explorer and Edge", - "vulnerabilityName": "Microsoft Internet Explorer and Edge Information Disclosure Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user\u0027s computer.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-4655", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Information Disclosure Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-4656", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Memory Corruption Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause a denial-of-service via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-4657", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Webkit Memory Corruption Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "WebKit in Apple iOS contains a memory corruption vulnerability which allows attackers to execute remote code or cause a denial-of-service via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-6366", - "vendorProject": "Cisco", - "product": "Adaptive Security Appliance (ASA)", - "vulnerabilityName": "Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-6367", - "vendorProject": "Cisco", - "product": "Adaptive Security Appliance (ASA)", - "vulnerabilityName": "Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service condition or potentially execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2016-3298", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability", - "dateAdded": "2022-05-24", - "shortDescription": "An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-14", - "notes": "" - }, - { - "cveID": "CVE-2019-3010", - "vendorProject": "Oracle", - "product": "Solaris", - "vulnerabilityName": "Oracle Solaris Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Oracle Solaris component: XScreenSaver contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2016-3393", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2016-7256", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Open Type Font Remote Code Execution Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2016-1010", - "vendorProject": "Adobe", - "product": "Flash Player and AIR", - "vulnerabilityName": "Adobe Flash Player and AIR Integer Overflow Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Integer overflow vulnerability in Adobe Flash Player and AIR allows attackers to execute code.", - "requiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2016-0984", - "vendorProject": "Adobe", - "product": "Flash Player and AIR", - "vulnerabilityName": "Adobe Flash Player and AIR Use-After-Free Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code.", - "requiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2016-0034", - "vendorProject": "Microsoft", - "product": "Silverlight", - "vulnerabilityName": "Microsoft Silverlight Runtime Remote Code Execution Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Silverlight mishandles negative offsets during decoding, which allows attackers to execute remote code or cause a denial-of-service.", - "requiredAction": "The impacted products are end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-0310", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player ASLR Bypass Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-0016", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows TS WebProxy Directory Traversal Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-0071", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer ASLR Bypass Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-2360", - "vendorProject": "Microsoft", - "product": "Win32k", - "vulnerabilityName": "Microsoft Win32k Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-2425", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-1769", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Mount Manager Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-4495", - "vendorProject": "Mozilla", - "product": "Firefox", - "vulnerabilityName": "Mozilla Firefox Security Feature Bypass Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-8651", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Integer Overflow Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Integer overflow in Adobe Flash Player allows attackers to execute code.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-6175", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2015-1671", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Remote Code Execution Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2014-4148", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Remote Code Execution Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2014-8439", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Dereferenced Pointer Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2014-4123", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2014-0546", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Sandbox Bypass Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Adobe Acrobat and Reader on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2014-2817", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2014-4077", - "vendorProject": "Microsoft", - "product": "Input Method Editor (IME) Japanese", - "vulnerabilityName": "Microsoft IME Japanese Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2014-3153", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2013-7331", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Information Disclosure Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "An information disclosure vulnerability exists in Internet Explorer which allows resources loaded into memory to be queried. This vulnerability could allow an attacker to detect anti-malware applications.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2013-3993", - "vendorProject": "IBM", - "product": "InfoSphere BigInsights", - "vulnerabilityName": "IBM InfoSphere BigInsights Invalid Input Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2013-3896", - "vendorProject": "Microsoft", - "product": "Silverlight", - "vulnerabilityName": "Microsoft Silverlight Information Disclosure Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2013-2423", - "vendorProject": "Oracle", - "product": "Java Runtime Environment (JRE)", - "vulnerabilityName": "Oracle JRE Unspecified Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2013-0431", - "vendorProject": "Oracle", - "product": "Java Runtime Environment (JRE)", - "vulnerabilityName": "Oracle JRE Sandbox Bypass Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle allows remote attackers to bypass the Java security sandbox.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2013-0422", - "vendorProject": "Oracle", - "product": "Java Runtime Environment (JRE)", - "vulnerabilityName": "Oracle JRE Remote Code Execution Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands on a vulnerable system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2013-0074", - "vendorProject": "Microsoft", - "product": "Silverlight", - "vulnerabilityName": "Microsoft Silverlight Double Dereference Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2012-1710", - "vendorProject": "Oracle", - "product": "Fusion Middleware", - "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2010-1428", - "vendorProject": "Red Hat", - "product": "JBoss", - "vulnerabilityName": "Red Hat JBoss Information Disclosure Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it was found that this block was incomplete, and only blocked GET and POST HTTP verbs. A remote attacker could use this flaw to gain access to sensitive information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2010-0840", - "vendorProject": "Oracle", - "product": "Java Runtime Environment (JRE)", - "vulnerabilityName": "Oracle JRE Unspecified Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2010-0738", - "vendorProject": "Red Hat", - "product": "JBoss", - "vulnerabilityName": "Red Hat JBoss Authentication Bypass Vulnerability", - "dateAdded": "2022-05-25", - "shortDescription": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application\u0027s GET handler by using a different method.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-15", - "notes": "" - }, - { - "cveID": "CVE-2022-26134", - "vendorProject": "Atlassian", - "product": "Confluence Server/Data Center", - "vulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability", - "dateAdded": "2022-06-02", - "shortDescription": "Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.", - "requiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.", - "dueDate": "2022-06-06", - "notes": "" - }, - { - "cveID": "CVE-2022-31460", - "vendorProject": "Owl Labs", - "product": "Meeting Owl Pro and Whiteboard Owl", - "vulnerabilityName": "Meeting Owl Pro and Whiteboard Owl Hard-Coded Credentials Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Owl Labs Meeting Owl and Whiteboard Owl allow attackers to activate Tethering Mode with hard-coded hoothoot credentials via a certain c 150 value.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2019-7195", - "vendorProject": "QNAP", - "product": "Photo Station", - "vulnerabilityName": "QNAP Photo Station Path Traversal Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2019-7194", - "vendorProject": "QNAP", - "product": "Photo Station", - "vulnerabilityName": "QNAP Photo Station Path Traversal Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2019-7193", - "vendorProject": "QNAP", - "product": "QTS", - "vulnerabilityName": "QNAP QTS Improper Input Validation Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2019-7192", - "vendorProject": "QNAP", - "product": "Photo Station", - "vulnerabilityName": "QNAP Photo Station Improper Access Control Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2019-5825", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds write vulnerability which allows a remote attacker to potentially exploit heap corruption.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2019-15271", - "vendorProject": "Cisco", - "product": "RV Series Routers", - "vulnerabilityName": "Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2018-6065", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Integer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 Engine contains an integer overflow vulnerability which allows a remote attacker to potentially exploit heap corruption.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2018-4990", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Double Free Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2018-17480", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds write vulnerability which allows a remote attacker to execute code inside a sandbox.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2018-17463", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Remote Code Execution Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 Engine contains an unspecified vulnerability which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2017-6862", - "vendorProject": "NETGEAR", - "product": "Multiple Devices", - "vulnerabilityName": "NETGEAR Multiple Devices Buffer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2017-5070", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability which allows a remote attacker to execute code inside a sandbox.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2017-5030", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Memory Corruption Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 Engine contains a memory corruption vulnerability which allows a remote attacker to execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2016-5198", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Memory Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds memory vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2016-1646", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Read Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Google Chromium V8 contains an out-of-bounds read vulnerability.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2013-1331", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Buffer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Microsoft Office contains a buffer overflow vulnerability which allows remote attackers to execute code via crafted PNG data in an Office document.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2012-5054", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Integer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Flash Player contains an integer overflow vulnerability which allows remote attackers to execute code via malformed arguments.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2012-4969", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Use-After-Free Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Microsoft Internet Explorer contains a use-after-free vulnerability which allows remote attackers to execute code via a crafted web site.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2012-1889", - "vendorProject": "Microsoft", - "product": "XML Core Services", - "vulnerabilityName": "Microsoft XML Core Services Memory Corruption Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2012-0767", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Flash Player contains a XSS vulnerability which allows remote attackers to inject web script or HTML.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2012-0754", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Flash Player contains a memory corruption vulnerability which allows remote attackers to execute code or cause denial-of-service.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2012-0151", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2011-2462", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "The Universal 3D (U3D) component in Adobe Acrobat and Reader contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2011-0609", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Unspecified Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Flash Player contains an unspecified vulnerability which allows remote attackers to execute code or cause denial-of-service.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2010-2883", - "vendorProject": "Adobe", - "product": "Reader and Acrobat", - "vulnerabilityName": "Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability which allows remote attackers to execute code or cause denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2010-2572", - "vendorProject": "Microsoft", - "product": "PowerPoint", - "vulnerabilityName": "Microsoft PowerPoint Buffer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2010-1297", - "vendorProject": "Adobe", - "product": "Flash Player", - "vulnerabilityName": "Adobe Flash Player Memory Corruption Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2009-4324", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Use-After-Free Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2009-3953", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Acrobat and Reader contains an array boundary issue in Universal 3D (U3D) support that could lead to remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2009-1862", - "vendorProject": "Adobe", - "product": "Acrobat and Reader, Flash Player", - "vulnerabilityName": "Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service.", - "requiredAction": "For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2009-0563", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Buffer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2009-0557", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Object Record Corruption Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Microsoft Office contains an object record corruption vulnerability which allows remote attackers to execute code via a crafted Excel file with a malformed record object.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2008-0655", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Unspecified Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2007-5659", - "vendorProject": "Adobe", - "product": "Acrobat and Reader", - "vulnerabilityName": "Adobe Acrobat and Reader Buffer Overflow Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Adobe Acrobat and Reader contain a buffer overflow vulnerability which allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2006-2492", - "vendorProject": "Microsoft", - "product": "Word", - "vulnerabilityName": "Microsoft Word Malformed Object Pointer Vulnerability", - "dateAdded": "2022-06-08", - "shortDescription": "Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-22", - "notes": "" - }, - { - "cveID": "CVE-2021-38163", - "vendorProject": "SAP", - "product": "NetWeaver", - "vulnerabilityName": "SAP NetWeaver Unrestricted File Upload Vulnerability", - "dateAdded": "2022-06-09", - "shortDescription": "SAP NetWeaver contains a vulnerability that allows unrestricted file upload.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-30", - "notes": "" - }, - { - "cveID": "CVE-2016-2386", - "vendorProject": "SAP", - "product": "NetWeaver", - "vulnerabilityName": "SAP NetWeaver SQL Injection Vulnerability", - "dateAdded": "2022-06-09", - "shortDescription": "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-30", - "notes": "" - }, - { - "cveID": "CVE-2016-2388", - "vendorProject": "SAP", - "product": "NetWeaver", - "vulnerabilityName": "SAP NetWeaver Information Disclosure Vulnerability", - "dateAdded": "2022-06-09", - "shortDescription": "The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-06-30", - "notes": "" - }, - { - "cveID": "CVE-2022-30190", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability", - "dateAdded": "2022-06-14", - "shortDescription": "A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-05", - "notes": "" - }, - { - "cveID": "CVE-2022-29499", - "vendorProject": "Mitel", - "product": "MiVoice Connect", - "vulnerabilityName": "Mitel MiVoice Connect Data Validation Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "The Service Appliance component in Mitel MiVoice Connect allows remote code execution due to incorrect data validation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2021-30533", - "vendorProject": "Google", - "product": "Chromium", - "vulnerabilityName": "Google Chromium Security Bypass Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "Insufficient policy enforcement in the PopupBlocker for Chromium allows an attacker to remotely bypass security mechanisms. This vulnerability impacts web browsers using Chromium such as Chrome and Edge.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2021-4034", - "vendorProject": "Red Hat", - "product": "Polkit", - "vulnerabilityName": "Red Hat Polkit Out-of-Bounds Read and Write Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability which allows for privilege escalation with administrative rights.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2021-30983", - "vendorProject": "Apple", - "product": "iOS and iPadOS", - "vulnerabilityName": "Apple iOS and iPadOS Buffer Overflow Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2020-3837", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2020-9907", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2019-8605", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Use-After-Free Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2018-4344", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", - "dateAdded": "2022-06-27", - "shortDescription": "Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-07-18", - "notes": "" - }, - { - "cveID": "CVE-2022-26925", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows LSA Spoofing Vulnerability", - "dateAdded": "2022-07-01", - "shortDescription": "Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.", - "requiredAction": "Apply remediation actions outlined in CISA guidance [https://www.cisa.gov/guidance-applying-june-microsoft-patch].", - "dueDate": "2022-07-22", - "notes": "WARNING: This update is required on all Microsoft Windows endpoints but if deployed to domain controllers without additional configuration changes the update breaks PIV/CAC authentication. Read CISA implementation guidance carefully before deploying to domain controllers." - }, - { - "cveID": "CVE-2022-22047", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability", - "dateAdded": "2022-07-12", - "shortDescription": "Microsoft Windows CSRSS contains an unspecified vulnerability which allows for privilege escalation to SYSTEM privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-02", - "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047" - }, - { - "cveID": "CVE-2022-26138", - "vendorProject": "Atlassian", - "product": "Confluence", - "vulnerabilityName": "Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability", - "dateAdded": "2022-07-29", - "shortDescription": "Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-19", - "notes": "https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html" - }, - { - "cveID": "CVE-2022-27924", - "vendorProject": "Zimbra", - "product": "Collaboration (ZCS)", - "vulnerabilityName": "Zimbra Collaboration (ZCS) Command Injection Vulnerability", - "dateAdded": "2022-08-04", - "shortDescription": "Zimbra Collaboration (ZCS) allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-25", - "notes": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24.1#Security_Fixes" - }, - { - "cveID": "CVE-2022-34713", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability", - "dateAdded": "2022-08-09", - "shortDescription": "A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-30", - "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713" - }, - { - "cveID": "CVE-2022-30333", - "vendorProject": "RARLAB", - "product": "UnRAR", - "vulnerabilityName": "RARLAB UnRAR Directory Traversal Vulnerability", - "dateAdded": "2022-08-09", - "shortDescription": "RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-08-30", - "notes": "Vulnerability updated with version 6.12. Accessing link will download update information: https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz" - }, - { - "cveID": "CVE-2022-27925", - "vendorProject": "Zimbra", - "product": "Collaboration (ZCS)", - "vulnerabilityName": "Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability", - "dateAdded": "2022-08-11", - "shortDescription": "Zimbra Collaboration (ZCS) contains flaw in the mboximport functionality, allowing an authenticated attacker to upload arbitrary files to perform remote code execution. This vulnerability was chained with CVE-2022-37042 which allows for unauthenticated remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-01", - "notes": "https://blog.zimbra.com/2022/08/authentication-bypass-in-mailboximportservlet-vulnerability/" - }, - { - "cveID": "CVE-2022-37042", - "vendorProject": "Zimbra", - "product": "Collaboration (ZCS)", - "vulnerabilityName": "Zimbra Collaboration (ZCS) Authentication Bypass Vulnerability", - "dateAdded": "2022-08-11", - "shortDescription": "Zimbra Collaboration (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This vulnerability was chained with CVE-2022-27925 which allows for unauthenticated remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-01", - "notes": "https://blog.zimbra.com/2022/08/authentication-bypass-in-mailboximportservlet-vulnerability/" - }, - { - "cveID": "CVE-2022-22536", - "vendorProject": "SAP", - "product": "Multiple Products", - "vulnerabilityName": "SAP Multiple Products HTTP Request Smuggling Vulnerability", - "dateAdded": "2022-08-18", - "shortDescription": "SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim\u0027s request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-08", - "notes": "SAP users must have an account in order to login and access the patch. https://accounts.sap.com/saml2/idp/sso" - }, - { - "cveID": "CVE-2022-32894", - "vendorProject": "Apple", - "product": "iOS and macOS", - "vulnerabilityName": "Apple iOS and macOS Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-08-18", - "shortDescription": "Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-08", - "notes": "https://support.apple.com/en-gb/HT213412, https://support.apple.com/en-gb/HT213413" - }, - { - "cveID": "CVE-2022-32893", - "vendorProject": "Apple", - "product": "iOS and macOS", - "vulnerabilityName": "Apple iOS and macOS Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-08-18", - "shortDescription": "Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-08", - "notes": "https://support.apple.com/en-gb/HT213412, https://support.apple.com/en-gb/HT213413" - }, - { - "cveID": "CVE-2022-2856", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Intents Insufficient Input Validation Vulnerability", - "dateAdded": "2022-08-18", - "shortDescription": "Google Chrome Intents allows for insufficient validation of untrusted input, causing unknown impacts. CISA will update this description if more information becomes available.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-08", - "notes": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html" - }, - { - "cveID": "CVE-2022-26923", - "vendorProject": "Microsoft", - "product": "Active Directory", - "vulnerabilityName": "Microsoft Active Directory Domain Services Privilege Escalation Vulnerability", - "dateAdded": "2022-08-18", - "shortDescription": "An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-08", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26923" - }, - { - "cveID": "CVE-2022-21971", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Runtime Remote Code Execution Vulnerability", - "dateAdded": "2022-08-18", - "shortDescription": "Microsoft Windows Runtime contains an unspecified vulnerability which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-08", - "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21971" - }, - { - "cveID": "CVE-2017-15944", - "vendorProject": "Palo Alto Networks", - "product": "PAN-OS", - "vulnerabilityName": "Palo Alto Networks PAN-OS Remote Code Execution Vulnerability", - "dateAdded": "2022-08-18", - "shortDescription": "Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-08", - "notes": "https://security.paloaltonetworks.com/CVE-2017-15944" - }, - { - "cveID": "CVE-2022-0028", - "vendorProject": "Palo Alto Networks", - "product": "PAN-OS", - "vulnerabilityName": "Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability", - "dateAdded": "2022-08-22", - "shortDescription": "A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-12", - "notes": "https://security.paloaltonetworks.com/CVE-2022-0028" - }, - { - "cveID": "CVE-2022-26352", - "vendorProject": "dotCMS", - "product": "dotCMS", - "vulnerabilityName": "dotCMS Unrestricted Upload of File Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage location. Exploitation allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://www.dotcms.com/security/SI-62" - }, - { - "cveID": "CVE-2022-24706", - "vendorProject": "Apache", - "product": "CouchDB", - "vulnerabilityName": "Apache CouchDB Insecure Default Initialization of Resource Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00" - }, - { - "cveID": "CVE-2022-24112", - "vendorProject": "Apache", - "product": "APISIX", - "vulnerabilityName": "Apache APISIX Authentication Bypass Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "Apache APISIX contains an authentication bypass vulnerability that allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94" - }, - { - "cveID": "CVE-2022-22963", - "vendorProject": "VMware Tanzu", - "product": "Spring Cloud", - "vulnerabilityName": "VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "When using routing functionality in VMware Tanzu\u0027s Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://tanzu.vmware.com/security/cve-2022-22963" - }, - { - "cveID": "CVE-2022-2294", - "vendorProject": "WebRTC", - "product": "WebRTC", - "vulnerabilityName": "WebRTC Heap Buffer Overflow Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability which allows an attacker to perform shellcode execution. This vulnerability impacts web browsers using WebRTC including but not limited to Google Chrome.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://groups.google.com/g/discuss-webrtc/c/5KBtZx2gvcQ" - }, - { - "cveID": "CVE-2021-39226", - "vendorProject": "Grafana Labs", - "product": "Grafana", - "vulnerabilityName": "Grafana Authentication Bypass Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://grafana.com/blog/2021/10/05/grafana-7.5.11-and-8.1.6-released-with-critical-security-fix/" - }, - { - "cveID": "CVE-2021-38406", - "vendorProject": "Delta Electronics", - "product": "DOPSoft 2", - "vulnerabilityName": "Delta Electronics DOPSoft 2 Improper Input Validation Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-09-15", - "notes": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-252-02" - }, - { - "cveID": "CVE-2021-31010", - "vendorProject": "Apple", - "product": "iOS, macOS, watchOS", - "vulnerabilityName": "Apple iOS, macOS, watchOS Sanbox Bypass Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictions.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://support.apple.com/en-us/HT212804, https://support.apple.com/en-us/HT212805, https://support.apple.com/en-us/HT212806, https://support.apple.com/en-us/HT212807, https://support.apple.com/en-us/HT212824" - }, - { - "cveID": "CVE-2020-36193", - "vendorProject": "PEAR", - "product": "Archive_Tar", - "vulnerabilityName": "PEAR Archive_Tar Improper Link Resolution Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916, https://www.drupal.org/sa-core-2021-001, https://access.redhat.com/security/cve/cve-2020-36193" - }, - { - "cveID": "CVE-2020-28949", - "vendorProject": "PEAR", - "product": "Archive_Tar", - "vulnerabilityName": "PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability", - "dateAdded": "2022-08-25", - "shortDescription": "PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-15", - "notes": "https://pear.php.net/bugs/bug.php?id=27002, https://www.drupal.org/sa-core-2020-013, https://access.redhat.com/security/cve/cve-2020-28949" - }, - { - "cveID": "CVE-2022-3075", - "vendorProject": "Google", - "product": "Chromium", - "vulnerabilityName": "Google Chromium Insufficient Data Validation Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "Google Chromium Mojo contains an insufficient data validation vulnerability. Impacts from exploitation are not yet known. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html, https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3075" - }, - { - "cveID": "CVE-2022-28958", - "vendorProject": "D-Link", - "product": "DIR-816L", - "vulnerabilityName": "D-Link DIR-816L Remote Code Execution Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "D-Link DIR-816L contains an unspecified vulnerability in the shareport.php value parameter which allows for remote code execution.", - "requiredAction": "This CVE is currently in disputed status. During the review process, agencies should update per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10300" - }, - { - "cveID": "CVE-2022-27593", - "vendorProject": "QNAP", - "product": "Photo Station", - "vulnerabilityName": "QNAP Photo Station Externally Controlled Reference Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://www.qnap.com/en/security-advisory/qsa-22-24" - }, - { - "cveID": "CVE-2022-26258", - "vendorProject": "D-Link", - "product": "DIR-820L", - "vulnerabilityName": "D-Link DIR-820L Remote Code Execution Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-09-29", - "notes": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10295" - }, - { - "cveID": "CVE-2020-9934", - "vendorProject": "Apple", - "product": "iOS, iPadOS, and macOS", - "vulnerabilityName": "Apple iOS, iPadOS, and macOS Input Validation Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local attacker to view sensitive user information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://support.apple.com/en-us/HT211288, https://support.apple.com/en-us/HT211289" - }, - { - "cveID": "CVE-2018-7445", - "vendorProject": "MikroTik", - "product": "RouterOS", - "vulnerabilityName": "MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "In MikroTik RouterOS, a stack-based buffer overflow occurs when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://www.coresecurity.com/core-labs/advisories/mikrotik-routeros-smb-buffer-overflow#vendor_update, https://mikrotik.com/download" - }, - { - "cveID": "CVE-2018-6530", - "vendorProject": "D-Link", - "product": "Multiple Routers", - "vulnerabilityName": "D-Link Multiple Routers OS Command Injection Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "Multiple D-Link routers contain an unspecified vulnerability which allows for execution of OS commands.", - "requiredAction": "The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use.", - "dueDate": "2022-09-29", - "notes": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10105" - }, - { - "cveID": "CVE-2018-2628", - "vendorProject": "Oracle", - "product": "WebLogic Server", - "vulnerabilityName": "Oracle WebLogic Server Unspecified Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://www.oracle.com/security-alerts/cpuapr2018.html" - }, - { - "cveID": "CVE-2018-13374", - "vendorProject": "Fortinet", - "product": "FortiOS and FortiADC", - "vulnerabilityName": "Fortinet FortiOS and FortiADC Improper Access Control Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "Fortinet FortiOS and FortiADC contain an improper access control vulnerability which allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://www.fortiguard.com/psirt/FG-IR-18-157" - }, - { - "cveID": "CVE-2017-5521", - "vendorProject": "NETGEAR", - "product": "Multiple Devices", - "vulnerabilityName": "NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server.", - "requiredAction": "Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.", - "dueDate": "2022-09-29", - "notes": "https://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability" - }, - { - "cveID": "CVE-2011-4723", - "vendorProject": "D-Link", - "product": "DIR-300 Router", - "vulnerabilityName": "D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2022-09-29", - "notes": "https://www.dlink.ru/mn/products/2/728.html" - }, - { - "cveID": "CVE-2011-1823", - "vendorProject": "Android", - "product": "Android OS", - "vulnerabilityName": "Android OS Privilege Escalation Vulnerability", - "dateAdded": "2022-09-08", - "shortDescription": "The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-09-29", - "notes": "https://android.googlesource.com/platform/system/vold/+/c51920c82463b240e2be0430849837d6fdc5352e" - }, - { - "cveID": "CVE-2022-37969", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability", - "dateAdded": "2022-09-14", - "shortDescription": "Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-05", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37969" - }, - { - "cveID": "CVE-2022-32917", - "vendorProject": "Apple", - "product": "iOS, iPadOS, and macOS", - "vulnerabilityName": "Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability", - "dateAdded": "2022-09-14", - "shortDescription": "Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-05", - "notes": "https://support.apple.com/en-us/HT213445, https://support.apple.com/en-us/HT213444" - }, - { - "cveID": "CVE-2022-40139", - "vendorProject": "Trend Micro", - "product": "Apex One and Apex One as a Service", - "vulnerabilityName": "Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability", - "dateAdded": "2022-09-15", - "shortDescription": "Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-06", - "notes": "https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US" - }, - { - "cveID": "CVE-2013-6282", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Improper Input Validation Vulnerability", - "dateAdded": "2022-09-15", - "shortDescription": "The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-06", - "notes": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8404663f81d212918ff85f493649a7991209fa04" - }, - { - "cveID": "CVE-2013-2597", - "vendorProject": "Code Aurora", - "product": "ACDB Audio Driver", - "vulnerabilityName": "Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability", - "dateAdded": "2022-09-15", - "shortDescription": "The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability which allows for privilege escalation. Code Aurora is used in third-party products such as Qualcomm and Android.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-06", - "notes": "https://web.archive.org/web/20161226013354/https:/www.codeaurora.org/news/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597" - }, - { - "cveID": "CVE-2013-2596", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Integer Overflow Vulnerability", - "dateAdded": "2022-09-15", - "shortDescription": "Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-06", - "notes": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc9bbca8f650e5f738af8806317c0a041a48ae4a" - }, - { - "cveID": "CVE-2013-2094", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-09-15", - "shortDescription": "Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-06", - "notes": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8176cced706b5e5d15887584150764894e94e02f" - }, - { - "cveID": "CVE-2010-2568", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Remote Code Execution Vulnerability", - "dateAdded": "2022-09-15", - "shortDescription": "Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-06", - "notes": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-046" - }, - { - "cveID": "CVE-2022-35405", - "vendorProject": "Zoho", - "product": "ManageEngine", - "vulnerabilityName": "Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability", - "dateAdded": "2022-09-22", - "shortDescription": "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-13", - "notes": "https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-35405.html" - }, - { - "cveID": "CVE-2022-3236", - "vendorProject": "Sophos", - "product": "Firewall", - "vulnerabilityName": "Sophos Firewall Code Injection Vulnerability", - "dateAdded": "2022-09-23", - "shortDescription": "A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-14", - "notes": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce" - }, - { - "cveID": "CVE-2022-41082", - "vendorProject": "Microsoft", - "product": "Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability", - "dateAdded": "2022-09-30", - "shortDescription": "Microsoft Exchange Server contains an unspecified vulnerability which allows for authenticated remote code execution. Dubbed \"ProxyNotShell,\" this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-21", - "notes": "https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/" - }, - { - "cveID": "CVE-2022-41040", - "vendorProject": "Microsoft", - "product": "Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Server-Side Request Forgery Vulnerability", - "dateAdded": "2022-09-30", - "shortDescription": "Microsoft Exchange Server allows for server-side request forgery. Dubbed \"ProxyNotShell,\" this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-21", - "notes": "https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/" - }, - { - "cveID": "CVE-2022-36804", - "vendorProject": "Atlassian", - "product": "Bitbucket Server and Data Center", - "vulnerabilityName": "Atlassian Bitbucket Server and Data Center Command Injection Vulnerability", - "dateAdded": "2022-09-30", - "shortDescription": "Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute code by sending a malicious HTTP request.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-10-21", - "notes": "https://jira.atlassian.com/browse/BSERV-13438" - }, - { - "cveID": "CVE-2022-40684", - "vendorProject": "Fortinet", - "product": "Multiple Products", - "vulnerabilityName": "Fortinet Multiple Products Authentication Bypass Vulnerability", - "dateAdded": "2022-10-11", - "shortDescription": "Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-01", - "notes": "https://www.fortiguard.com/psirt/FG-IR-22-377" - }, - { - "cveID": "CVE-2022-41033", - "vendorProject": "Microsoft", - "product": "Windows COM+ Event System Service", - "vulnerabilityName": "Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability", - "dateAdded": "2022-10-11", - "shortDescription": "Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-01", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41033" - }, - { - "cveID": "CVE-2022-41352", - "vendorProject": "Zimbra", - "product": "Collaboration (ZCS)", - "vulnerabilityName": "Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability", - "dateAdded": "2022-10-20", - "shortDescription": "Zimbra Collaboration (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-10", - "notes": "https://wiki.zimbra.com/wiki/Security_Center" - }, - { - "cveID": "CVE-2021-3493", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Privilege Escalation Vulnerability", - "dateAdded": "2022-10-20", - "shortDescription": "The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-10", - "notes": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52" - }, - { - "cveID": "CVE-2020-3433", - "vendorProject": "Cisco", - "product": "AnyConnect Secure", - "vulnerabilityName": "Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability", - "dateAdded": "2022-10-24", - "shortDescription": "Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-14", - "notes": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW" - }, - { - "cveID": "CVE-2020-3153", - "vendorProject": "Cisco", - "product": "AnyConnect Secure", - "vulnerabilityName": "Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability", - "dateAdded": "2022-10-24", - "shortDescription": "Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-14", - "notes": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj" - }, - { - "cveID": "CVE-2018-19323", - "vendorProject": "GIGABYTE", - "product": "Multiple Products", - "vulnerabilityName": "GIGABYTE Multiple Products Privilege Escalation Vulnerability", - "dateAdded": "2022-10-24", - "shortDescription": "The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-14", - "notes": "https://www.gigabyte.com/Support/Security/1801" - }, - { - "cveID": "CVE-2018-19322", - "vendorProject": "GIGABYTE", - "product": "Multiple Products", - "vulnerabilityName": "GIGABYTE Multiple Products Code Execution Vulnerability", - "dateAdded": "2022-10-24", - "shortDescription": "The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-14", - "notes": "https://www.gigabyte.com/Support/Security/1801" - }, - { - "cveID": "CVE-2018-19321", - "vendorProject": "GIGABYTE", - "product": "Multiple Products", - "vulnerabilityName": "GIGABYTE Multiple Products Privilege Escalation Vulnerability", - "dateAdded": "2022-10-24", - "shortDescription": "The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-14", - "notes": "https://www.gigabyte.com/Support/Security/1801" - }, - { - "cveID": "CVE-2018-19320", - "vendorProject": "GIGABYTE", - "product": "Multiple Products", - "vulnerabilityName": "GIGABYTE Multiple Products Unspecified Vulnerability", - "dateAdded": "2022-10-24", - "shortDescription": "The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-14", - "notes": "https://www.gigabyte.com/Support/Security/1801" - }, - { - "cveID": "CVE-2022-42827", - "vendorProject": "Apple", - "product": "iOS and iPadOS", - "vulnerabilityName": "Apple iOS and iPadOS Out-of-Bounds Write Vulnerability", - "dateAdded": "2022-10-25", - "shortDescription": "Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code execution with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-15", - "notes": "https://support.apple.com/en-us/HT213489" - }, - { - "cveID": "CVE-2022-3723", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", - "dateAdded": "2022-10-28", - "shortDescription": "Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-18", - "notes": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html" - }, - { - "cveID": "CVE-2022-41091", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability", - "dateAdded": "2022-11-08", - "shortDescription": "Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-09", - "notes": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41091" - }, - { - "cveID": "CVE-2022-41073", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability", - "dateAdded": "2022-11-08", - "shortDescription": "Microsoft Windows Print Spooler contains an unspecified vulnerability which allows an attacker to gain SYSTEM-level privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-09", - "notes": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41073" - }, - { - "cveID": "CVE-2022-41125", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability", - "dateAdded": "2022-11-08", - "shortDescription": "Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability which allows an attacker to gain SYSTEM-level privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-09", - "notes": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41125" - }, - { - "cveID": "CVE-2022-41128", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Scripting Languages Remote Code Execution Vulnerability", - "dateAdded": "2022-11-08", - "shortDescription": "Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-09", - "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128" - }, - { - "cveID": "CVE-2021-25337", - "vendorProject": "Samsung", - "product": "Mobile Devices", - "vulnerabilityName": "Samsung Mobile Devices Improper Access Control Vulnerability", - "dateAdded": "2022-11-08", - "shortDescription": "Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-29", - "notes": "https://security.samsungmobile.com/securityUpdate.smsb" - }, - { - "cveID": "CVE-2021-25369", - "vendorProject": "Samsung", - "product": "Mobile Devices", - "vulnerabilityName": "Samsung Mobile Devices Improper Access Control Vulnerability", - "dateAdded": "2022-11-08", - "shortDescription": "Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-29", - "notes": "https://security.samsungmobile.com/securityUpdate.smsb" - }, - { - "cveID": "CVE-2021-25370", - "vendorProject": "Samsung", - "product": "Mobile Devices", - "vulnerabilityName": "Samsung Mobile Devices Memory Corruption Vulnerability", - "dateAdded": "2022-11-08", - "shortDescription": "Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-11-29", - "notes": "https://security.samsungmobile.com/securityUpdate.smsb" - }, - { - "cveID": "CVE-2022-41049", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability", - "dateAdded": "2022-11-14", - "shortDescription": "Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-09", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41049" - }, - { - "cveID": "CVE-2021-35587", - "vendorProject": "Oracle", - "product": "Fusion Middleware", - "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability", - "dateAdded": "2022-11-28", - "shortDescription": "Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the Access Manager product.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-19", - "notes": "https://www.oracle.com/security-alerts/cpujan2022.html" - }, - { - "cveID": "CVE-2022-4135", - "vendorProject": "Google", - "product": "Chromium", - "vulnerabilityName": "Google Chromium Heap Buffer Overflow Vulnerability", - "dateAdded": "2022-11-28", - "shortDescription": "Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-19", - "notes": "https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html" - }, - { - "cveID": "CVE-2022-4262", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", - "dateAdded": "2022-12-05", - "shortDescription": "Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2022-12-26", - "notes": "https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html" - }, - { - "cveID": "CVE-2022-42475", - "vendorProject": "Fortinet", - "product": "FortiOS", - "vulnerabilityName": "Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability", - "dateAdded": "2022-12-13", - "shortDescription": "Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-03", - "notes": "https://www.fortiguard.com/psirt/FG-IR-22-398" - }, - { - "cveID": "CVE-2022-44698", - "vendorProject": "Microsoft", - "product": "Defender", - "vulnerabilityName": "Microsoft Defender SmartScreen Security Feature Bypass Vulnerability", - "dateAdded": "2022-12-13", - "shortDescription": "Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-03", - "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698" - }, - { - "cveID": "CVE-2022-27518", - "vendorProject": "Citrix", - "product": "Application Delivery Controller (ADC) and Gateway", - "vulnerabilityName": "Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability", - "dateAdded": "2022-12-13", - "shortDescription": "Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability which allows an attacker to execute code as administrator.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-03", - "notes": "https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/" - }, - { - "cveID": "CVE-2022-26500", - "vendorProject": "Veeam", - "product": "Backup \u0026 Replication", - "vulnerabilityName": "Veeam Backup \u0026 Replication Remote Code Execution Vulnerability", - "dateAdded": "2022-12-13", - "shortDescription": "The Veeam Distribution Service in the Backup \u0026 Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-03", - "notes": "https://www.veeam.com/kb4288" - }, - { - "cveID": "CVE-2022-26501", - "vendorProject": "Veeam", - "product": "Backup \u0026 Replication", - "vulnerabilityName": "Veeam Backup \u0026 Replication Remote Code Execution Vulnerability", - "dateAdded": "2022-12-13", - "shortDescription": "The Veeam Distribution Service in the Backup \u0026 Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-03", - "notes": "https://www.veeam.com/kb4288" - }, - { - "cveID": "CVE-2022-42856", - "vendorProject": "Apple", - "product": "iOS", - "vulnerabilityName": "Apple iOS Type Confusion Vulnerability", - "dateAdded": "2022-12-14", - "shortDescription": "Apple iOS contains a type confusion vulnerability when processing maliciously crafted web content leading to code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-04", - "notes": "https://support.apple.com/en-us/HT213516" - }, - { - "cveID": "CVE-2018-5430", - "vendorProject": "TIBCO", - "product": "JasperReports", - "vulnerabilityName": "TIBCO JasperReports Server Information Disclosure Vulnerability", - "dateAdded": "2022-12-29", - "shortDescription": "TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-19", - "notes": "https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430" - }, - { - "cveID": "CVE-2018-18809", - "vendorProject": "TIBCO", - "product": "JasperReports", - "vulnerabilityName": "TIBCO JasperReports Library Directory Traversal Vulnerability", - "dateAdded": "2022-12-29", - "shortDescription": "TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-19", - "notes": "https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809" - }, - { - "cveID": "CVE-2022-41080", - "vendorProject": "Microsoft", - "product": "Exchange Server", - "vulnerabilityName": "Microsoft Exchange Server Privilege Escalation Vulnerability", - "dateAdded": "2023-01-10", - "shortDescription": "Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-31", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41080" - }, - { - "cveID": "CVE-2023-21674", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability", - "dateAdded": "2023-01-10", - "shortDescription": "Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-01-31", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21674" - }, - { - "cveID": "CVE-2022-44877", - "vendorProject": "CWP", - "product": "Control Web Panel", - "vulnerabilityName": "CWP Control Web Panel OS Command Injection Vulnerability", - "dateAdded": "2023-01-17", - "shortDescription": "CWP Control Web Panel (formerly CentOS Web Panel) contains an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-02-07", - "notes": "https://control-webpanel.com/changelog#1669855527714-450fb335-6194" - }, - { - "cveID": "CVE-2022-47966", - "vendorProject": "Zoho", - "product": "ManageEngine", - "vulnerabilityName": "Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability", - "dateAdded": "2023-01-23", - "shortDescription": "Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-02-13", - "notes": "https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html" - }, - { - "cveID": "CVE-2017-11357", - "vendorProject": "Telerik", - "product": "User Interface (UI) for ASP.NET AJAX", - "vulnerabilityName": "Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability", - "dateAdded": "2023-01-26", - "shortDescription": "Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-02-16", - "notes": "https://docs.telerik.com/devtools/aspnet-ajax/knowledge-base/asyncupload-insecure-direct-object-reference" - }, - { - "cveID": "CVE-2022-21587", - "vendorProject": "Oracle", - "product": "E-Business Suite", - "vulnerabilityName": "Oracle E-Business Suite Unspecified Vulnerability", - "dateAdded": "2023-02-02", - "shortDescription": "Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-02-23", - "notes": "https://www.oracle.com/security-alerts/cpuoct2022.html" - }, - { - "cveID": "CVE-2023-22952", - "vendorProject": "SugarCRM", - "product": "Multiple Products", - "vulnerabilityName": "Multiple SugarCRM Products Remote Code Execution Vulnerability", - "dateAdded": "2023-02-02", - "shortDescription": "Multiple SugarCRM products contain a remote code execution vulnerability in the EmailTemplates. Using a specially crafted request, custom PHP code can be injected through the EmailTemplates.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-02-23", - "notes": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2023-001/" - }, - { - "cveID": "CVE-2015-2291", - "vendorProject": "Intel", - "product": "Ethernet Diagnostics Driver for Windows", - "vulnerabilityName": "Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability", - "dateAdded": "2023-02-10", - "shortDescription": "Intel ethernet diagnostics driver for Windows IQVW32.sys and IQVW64.sys contain an unspecified vulnerability that allows for a denial-of-service.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-03", - "notes": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html" - }, - { - "cveID": "CVE-2022-24990", - "vendorProject": "TerraMaster", - "product": "TerraMaster OS", - "vulnerabilityName": "TerraMaster OS Remote Command Execution Vulnerability", - "dateAdded": "2023-02-10", - "shortDescription": "TerraMaster OS contains a remote command execution vulnerability that allows an unauthenticated user to execute commands on the target endpoint.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-03", - "notes": "https://forum.terra-master.com/en/viewtopic.php?t=3030" - }, - { - "cveID": "CVE-2023-0669", - "vendorProject": "Fortra", - "product": "GoAnywhere MFT", - "vulnerabilityName": "Fortra GoAnywhere MFT Remote Code Execution Vulnerability", - "dateAdded": "2023-02-10", - "shortDescription": "Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-03", - "notes": "Fortra users must have an account in order to login and access the patch. https://my.goanywhere.com/webclient/DownloadProductFiles.xhtml" - }, - { - "cveID": "CVE-2023-21715", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Publisher Security Feature Bypass Vulnerability", - "dateAdded": "2023-02-14", - "shortDescription": "Microsoft Office Publisher contains a security feature bypass vulnerability which allows for a local, authenticated attack on a targeted system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-07", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21715" - }, - { - "cveID": "CVE-2023-23376", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability", - "dateAdded": "2023-02-14", - "shortDescription": "Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-07", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376" - }, - { - "cveID": "CVE-2023-23529", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products WebKit Type Confusion Vulnerability", - "dateAdded": "2023-02-14", - "shortDescription": "WebKit in Apple iOS, MacOS, Safari and iPadOS contains a type confusion vulnerability that may lead to code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-07", - "notes": "https://support.apple.com/en-us/HT213635, https://support.apple.com/en-us/HT213633, https://support.apple.com/en-us/HT213638" - }, - { - "cveID": "CVE-2023-21823", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Graphic Component Privilege Escalation Vulnerability", - "dateAdded": "2023-02-14", - "shortDescription": "Microsoft Windows Graphic Component contains an unspecified vulnerability which allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-07", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21823" - }, - { - "cveID": "CVE-2022-46169", - "vendorProject": "Cacti", - "product": "Cacti", - "vulnerabilityName": "Cacti Command Injection Vulnerability", - "dateAdded": "2023-02-16", - "shortDescription": "Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-09", - "notes": "https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf" - }, - { - "cveID": "CVE-2022-47986", - "vendorProject": "IBM", - "product": "Aspera Faspex", - "vulnerabilityName": "IBM Aspera Faspex Code Execution Vulnerability", - "dateAdded": "2023-02-21", - "shortDescription": "IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-14", - "notes": "https://exchange.xforce.ibmcloud.com/vulnerabilities/243512?_ga=2.189195179.1800390251.1676559338-700333034.1676325890" - }, - { - "cveID": "CVE-2022-41223", - "vendorProject": "Mitel", - "product": "MiVoice Connect", - "vulnerabilityName": "Mitel MiVoice Connect Code Injection Vulnerability", - "dateAdded": "2023-02-21", - "shortDescription": "The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-14", - "notes": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008" - }, - { - "cveID": "CVE-2022-40765", - "vendorProject": "Mitel", - "product": "MiVoice Connect", - "vulnerabilityName": "Mitel MiVoice Connect Command Injection Vulnerability", - "dateAdded": "2023-02-21", - "shortDescription": "The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-14", - "notes": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007" - }, - { - "cveID": "CVE-2022-36537", - "vendorProject": "ZK Framework", - "product": "AuUploader", - "vulnerabilityName": "ZK Framework AuUploader Unspecified Vulnerability", - "dateAdded": "2023-02-27", - "shortDescription": "ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-20", - "notes": "https://tracker.zkoss.org/browse/ZK-5150" - }, - { - "cveID": "CVE-2022-28810", - "vendorProject": "Zoho", - "product": "ManageEngine", - "vulnerabilityName": "Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability", - "dateAdded": "2023-03-07", - "shortDescription": "Multiple Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-28", - "notes": "https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html" - }, - { - "cveID": "CVE-2022-33891", - "vendorProject": "Apache", - "product": "Spark", - "vulnerabilityName": "Apache Spark Command Injection Vulnerability", - "dateAdded": "2023-03-07", - "shortDescription": "Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-28", - "notes": "https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc" - }, - { - "cveID": "CVE-2022-35914", - "vendorProject": "Teclib", - "product": "GLPI", - "vulnerabilityName": "Teclib GLPI Remote Code Execution Vulnerability", - "dateAdded": "2023-03-07", - "shortDescription": "Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-28", - "notes": "https://glpi-project.org/fr/glpi-10-0-3-disponible/, http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?\u0026Sfs=htmLawedTest.php\u0026Sl=.%2Finternal_utilities%2FhtmLawed." - }, - { - "cveID": "CVE-2021-39144", - "vendorProject": "XStream", - "product": "XStream", - "vulnerabilityName": "XStream Remote Code Execution Vulnerability", - "dateAdded": "2023-03-10", - "shortDescription": "XStream contains a remote code execution vulnerability that allows an attacker to manipulate the processed input stream and replace or inject objects that result in the execution of a local command on the server. This vulnerability can affect multiple products, including but not limited to VMware Cloud Foundation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-31", - "notes": "https://www.vmware.com/security/advisories/VMSA-2022-0027.html, https://x-stream.github.io/CVE-2021-39144.html" - }, - { - "cveID": "CVE-2020-5741", - "vendorProject": "Plex", - "product": "Media Server", - "vulnerabilityName": "Plex Media Server Remote Code Execution Vulnerability", - "dateAdded": "2023-03-10", - "shortDescription": "Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-03-31", - "notes": "https://forums.plex.tv/t/security-regarding-cve-2020-5741/586819" - }, - { - "cveID": "CVE-2023-23397", - "vendorProject": "Microsoft", - "product": "Office", - "vulnerabilityName": "Microsoft Office Outlook Privilege Escalation Vulnerability", - "dateAdded": "2023-03-14", - "shortDescription": "Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-04", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397, https://msrc.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/," - }, - { - "cveID": "CVE-2023-24880", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows SmartScreen Security Feature Bypass Vulnerability", - "dateAdded": "2023-03-14", - "shortDescription": "Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-04", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-24880" - }, - { - "cveID": "CVE-2022-41328", - "vendorProject": "Fortinet", - "product": "FortiOS", - "vulnerabilityName": "Fortinet FortiOS Path Traversal Vulnerability", - "dateAdded": "2023-03-14", - "shortDescription": "Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-04", - "notes": "https://www.fortiguard.com/psirt/FG-IR-22-369" - }, - { - "cveID": "CVE-2023-26360", - "vendorProject": "Adobe", - "product": "ColdFusion", - "vulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability", - "dateAdded": "2023-03-15", - "shortDescription": "Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-05", - "notes": "https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html" - }, - { - "cveID": "CVE-2013-3163", - "vendorProject": "Microsoft", - "product": "Internet Explorer", - "vulnerabilityName": "Microsoft Internet Explorer Memory Corruption Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.", - "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", - "dueDate": "2023-04-20", - "notes": "https://learn.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-055" - }, - { - "cveID": "CVE-2017-7494", - "vendorProject": "Samba", - "product": "Samba", - "vulnerabilityName": "Samba Remote Code Execution Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://www.samba.org/samba/security/CVE-2017-7494.html" - }, - { - "cveID": "CVE-2022-42948", - "vendorProject": "Fortra", - "product": "Cobalt Strike", - "vulnerabilityName": "Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-2/" - }, - { - "cveID": "CVE-2022-39197", - "vendorProject": "Fortra", - "product": "Cobalt Strike", - "vulnerabilityName": "Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/" - }, - { - "cveID": "CVE-2021-30900", - "vendorProject": "Apple", - "product": "iOS, iPadOS, and macOS", - "vulnerabilityName": "Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://support.apple.com/en-us/HT21286, https://support.apple.com/en-us/HT212868, https://support.apple.com/kb/HT212872" - }, - { - "cveID": "CVE-2022-38181", - "vendorProject": "Arm", - "product": "Mali Graphics Processing Unit (GPU)", - "vulnerabilityName": "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" - }, - { - "cveID": "CVE-2023-0266", - "vendorProject": "Linux", - "product": "Kernel", - "vulnerabilityName": "Linux Kernel Use-After-Free Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4" - }, - { - "cveID": "CVE-2022-3038", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Use-After-Free Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Google Chrome contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html" - }, - { - "cveID": "CVE-2022-22706", - "vendorProject": "Arm", - "product": "Mali Graphics Processing Unit (GPU)", - "vulnerabilityName": "Arm Mali GPU Kernel Driver Unspecified Vulnerability", - "dateAdded": "2023-03-30", - "shortDescription": "Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-20", - "notes": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" - }, - { - "cveID": "CVE-2022-27926", - "vendorProject": "Zimbra", - "product": "Collaboration (ZCS)", - "vulnerabilityName": "Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability", - "dateAdded": "2023-04-03", - "shortDescription": "Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-24", - "notes": "https://wiki.zimbra.com/wiki/Security_Center" - }, - { - "cveID": "CVE-2021-27876", - "vendorProject": "Veritas", - "product": "Backup Exec Agent", - "vulnerabilityName": "Veritas Backup Exec Agent File Access Vulnerability", - "dateAdded": "2023-04-07", - "shortDescription": "Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-28", - "notes": "https://www.veritas.com/support/en_US/security/VTS21-001" - }, - { - "cveID": "CVE-2021-27877", - "vendorProject": "Veritas", - "product": "Backup Exec Agent", - "vulnerabilityName": "Veritas Backup Exec Agent Improper Authentication Vulnerability", - "dateAdded": "2023-04-07", - "shortDescription": "Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-28", - "notes": "https://www.veritas.com/support/en_US/security/VTS21-001" - }, - { - "cveID": "CVE-2021-27878", - "vendorProject": "Veritas", - "product": "Backup Exec Agent", - "vulnerabilityName": "Veritas Backup Exec Agent Command Execution Vulnerability", - "dateAdded": "2023-04-07", - "shortDescription": "Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-28", - "notes": "https://www.veritas.com/support/en_US/security/VTS21-001" - }, - { - "cveID": "CVE-2019-1388", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability", - "dateAdded": "2023-04-07", - "shortDescription": "Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-28", - "notes": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1388" - }, - { - "cveID": "CVE-2023-26083", - "vendorProject": "Arm", - "product": "Mali Graphics Processing Unit (GPU)", - "vulnerabilityName": "Arm Mali GPU Kernel Driver Information Disclosure Vulnerability", - "dateAdded": "2023-04-07", - "shortDescription": "Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-04-28", - "notes": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" - }, - { - "cveID": "CVE-2023-28205", - "vendorProject": "Apple", - "product": "Multiple Products", - "vulnerabilityName": "Apple Multiple Products WebKit Use-After-Free Vulnerability", - "dateAdded": "2023-04-10", - "shortDescription": "Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-01", - "notes": "https://support.apple.com/en-us/HT213720,https://support.apple.com/en-us/HT213721,https://support.apple.com/en-us/HT213722,https://support.apple.com/en-us/HT213723" - }, - { - "cveID": "CVE-2023-28206", - "vendorProject": "Apple", - "product": "iOS, iPadOS, and macOS", - "vulnerabilityName": "Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability", - "dateAdded": "2023-04-10", - "shortDescription": "Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-01", - "notes": "https://support.apple.com/en-us/HT213720, https://support.apple.com/en-us/HT213721" - }, - { - "cveID": "CVE-2023-28252", - "vendorProject": "Microsoft", - "product": "Windows", - "vulnerabilityName": "Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability", - "dateAdded": "2023-04-11", - "shortDescription": "Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-02", - "notes": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252" - }, - { - "cveID": "CVE-2023-20963", - "vendorProject": "Android", - "product": "Framework", - "vulnerabilityName": "Android Framework Privilege Escalation Vulnerability", - "dateAdded": "2023-04-13", - "shortDescription": "Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-04", - "notes": "https://source.android.com/docs/security/bulletin/2023-03-01" - }, - { - "cveID": "CVE-2023-29492", - "vendorProject": "Novi Survey", - "product": "Novi Survey", - "vulnerabilityName": "Novi Survey Insecure Deserialization Vulnerability", - "dateAdded": "2023-04-13", - "shortDescription": "Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-04", - "notes": "https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx" - }, - { - "cveID": "CVE-2019-8526", - "vendorProject": "Apple", - "product": "macOS", - "vulnerabilityName": "Apple macOS Use-After-Free Vulnerability", - "dateAdded": "2023-04-17", - "shortDescription": "Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-08", - "notes": "https://support.apple.com/en-us/HT209600" - }, - { - "cveID": "CVE-2023-2033", - "vendorProject": "Google", - "product": "Chromium V8 Engine", - "vulnerabilityName": "Google Chromium V8 Engine Type Confusion Vulnerability", - "dateAdded": "2023-04-17", - "shortDescription": "Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-08", - "notes": "https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html" - }, - { - "cveID": "CVE-2017-6742", - "vendorProject": "Cisco", - "product": "IOS and IOS XE Software", - "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability", - "dateAdded": "2023-04-19", - "shortDescription": "The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-10", - "notes": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp" - }, - { - "cveID": "CVE-2023-28432", - "vendorProject": "MinIO", - "product": "MinIO", - "vulnerabilityName": "MinIO Information Disclosure Vulnerability", - "dateAdded": "2023-04-21", - "shortDescription": "MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-12", - "notes": "https://github.com/minio/minio/security/advisories/GHSA-6xvq-wj2x-3h3q" - }, - { - "cveID": "CVE-2023-27350", - "vendorProject": "PaperCut", - "product": "MF/NG", - "vulnerabilityName": "PaperCut MF/NG Improper Access Control Vulnerability", - "dateAdded": "2023-04-21", - "shortDescription": "PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-12", - "notes": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219" - }, - { - "cveID": "CVE-2023-2136", - "vendorProject": "Google", - "product": "Chrome", - "vulnerabilityName": "Google Chrome Skia Integer Overflow Vulnerability", - "dateAdded": "2023-04-21", - "shortDescription": "Google Chrome Skia contains an integer overflow vulnerability. Specific impacts from exploitation are not available at this time. This vulnerability resides in Skia which serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and other products.", - "requiredAction": "Apply updates per vendor instructions.", - "dueDate": "2023-05-12", - "notes": "https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html" - } - ] -} diff --git a/open-vulnerability-clients/src/test/resources/logback-test.xml b/open-vulnerability-clients/src/test/resources/logback-test.xml deleted file mode 100644 index a16a064b..00000000 --- a/open-vulnerability-clients/src/test/resources/logback-test.xml +++ /dev/null @@ -1,15 +0,0 @@ - - - gh-advisory-tests - - - System.out - - [%level] %msg%n - - - - - - - \ No newline at end of file diff --git a/open-vulnerability-clients/src/test/resources/nvd.json b/open-vulnerability-clients/src/test/resources/nvd.json deleted file mode 100644 index 3d7887f1..00000000 --- a/open-vulnerability-clients/src/test/resources/nvd.json +++ /dev/null @@ -1,323565 +0,0 @@ -{ - "resultsPerPage": 2000, - "startIndex": 224000, - "totalResults": 255494, - "format": "NVD_CVE", - "version": "2.0", - "timestamp": "2024-06-29T14:56:13.233", - "vulnerabilities": [ - { - "cve": { - "id": "CVE-2023-38451", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.243", - "lastModified": "2023-09-08T00:04:49.200", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38452", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.293", - "lastModified": "2023-09-08T00:04:33.893", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38453", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.347", - "lastModified": "2023-09-08T00:04:17.480", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38454", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.403", - "lastModified": "2023-09-08T00:01:33.337", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges" - }, - { - "lang": "es", - "value": "En el servicio vowifi, es posible que falte una comprobación de permisos, lo que podría dar lugar a la divulgación de información local sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38455", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.460", - "lastModified": "2023-09-08T00:02:00.457", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38456", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.517", - "lastModified": "2023-09-08T00:01:47.710", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos. Esto podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38457", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.563", - "lastModified": "2023-09-08T00:02:10.807", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría provocar una denegación de servicio local sin privilegios de ejecución adicionales." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38458", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.617", - "lastModified": "2023-09-08T00:02:21.383", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38459", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.667", - "lastModified": "2023-09-08T00:02:33.287", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38460", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.713", - "lastModified": "2023-09-08T00:02:44.077", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice es posible que falte una comprobación de permisos. Esto podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38461", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.767", - "lastModified": "2023-09-08T00:02:53.680", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría provocar una denegación de servicio local sin privilegios de ejecución adicionales." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38462", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.820", - "lastModified": "2023-09-08T00:03:05.363", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría provocar una denegación de servicio local sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38463", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.877", - "lastModified": "2023-09-08T00:03:15.670", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría provocar una denegación de servicio local sin privilegios de ejecución adicionales." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38464", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.930", - "lastModified": "2023-09-08T00:03:27.920", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges" - }, - { - "lang": "es", - "value": "En vowifiservice, es posible que falte una comprobación de permisos, lo que podría dar lugar a una escalada local de privilegios sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38465", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:09.983", - "lastModified": "2023-09-08T06:44:04.463", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges" - }, - { - "lang": "es", - "value": "En el servicio ims, es posible que falte una verificación de permiso. Esto podría dar lugar a la divulgación de información local sin privilegios de ejecución adicionales." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38466", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:10.030", - "lastModified": "2023-09-08T06:44:49.057", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges" - }, - { - "lang": "es", - "value": "En el servicio ims, es posible que falte una comprobación de permisos. Esto podría conducir a la divulgación de información local sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38467", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:10.083", - "lastModified": "2023-09-08T06:45:06.603", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" - }, - { - "lang": "es", - "value": "En urild service, existe una posible escritura fuera de límites debido a una comprobación de límites faltantes. Esto podría provocar una denegación de servicio local con privilegios de ejecución de System necesarios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38468", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:10.133", - "lastModified": "2023-09-08T06:45:25.753", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" - }, - { - "lang": "es", - "value": "En el servicio urild, existe una posible escritura fuera de los límites debido a una comprobación de límites omitida. Esto podría dar lugar a una denegación de servicio local con privilegios de ejecución del sistema necesarios. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38553", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:10.187", - "lastModified": "2023-09-08T06:45:58.037", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed" - }, - { - "lang": "es", - "value": "En gnss service, existe una posible escritura fuera de límites debido a una comprobación de límites faltantes. Esto podría provocar una denegación de servicio local con privilegios de ejecución de System necesarios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38554", - "sourceIdentifier": "security@unisoc.com", - "published": "2023-09-04T02:15:10.247", - "lastModified": "2023-09-08T06:46:18.607", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges" - }, - { - "lang": "es", - "value": "En wcn bsp driver, existe una posible escritura fuera de límites debido a una comprobación de límites omitida, lo que podría provocar una denegación de servicio local sin privilegios de ejecución adicionales. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", - "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/https:\/\/www.unisoc.com\/en_us\/secy\/announcementDetail\/1698296481653522434", - "source": "security@unisoc.com", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20820", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:07.840", - "lastModified": "2023-09-07T19:14:49.727", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189." - }, - { - "lang": "es", - "value": "En wlan service, se presenta una posible inyección de comando debido a una comprobación de entrada inapropiada. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: WCNCR00244189; ID de la incidencia: WCNCR00244189." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A45CDA9-95E6-4C02-8C3C-3B0CF7272A6F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF2E9975-607D-4F06-A85A-B1C2BE3C5B75" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4979BA07-DC09-4DF8-BA7F-E4143A0ECFE6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", - "matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*", - "matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7626:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79C6A4C1-BAB5-4C53-91CF-2637C2ECF37F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29C210A3-C71E-4010-9DD6-9E36CADC9EED" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", - "matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt7990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4901B2A5-B0C8-4A0C-AC17-87D469744817" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20821", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:08.480", - "lastModified": "2023-09-07T19:14:35.620", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113." - }, - { - "lang": "es", - "value": "En nvram, existe una posible escritura fuera de límites debido a una inexistente comprobación de límites. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para la explotación. ID del parche: ALPS07937113; ID de la incidencia: ALPS07937113." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*", - "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20822", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:08.647", - "lastModified": "2023-09-07T19:14:27.697", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In netdagent, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944012; Issue ID: ALPS07944012." - }, - { - "lang": "es", - "value": "En netdagent, existe una posible divulgación de información debido a una comprobación de límites omitida. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07944012; ID de la incidencia: ALPS07944012." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195z:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B3A37B9-F500-4B3C-B77C-B2BD7B015154" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20823", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:08.773", - "lastModified": "2023-09-07T19:06:39.267", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592." - }, - { - "lang": "es", - "value": "En cmdq, existe una posible lectura fuera de límites debido a una comprobación de estado incorrecta. Esto podría conducir a una denegación de servicio local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08021592; ID de la incidencia: LPS08021592. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20824", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:08.893", - "lastModified": "2023-09-07T19:06:55.563", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951402." - }, - { - "lang": "es", - "value": "En duraspeed, existe una posible divulgación de información debido a la falta de comprobación de permisos. Esto podría conducir a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07951402; ID de la incidencia: ALPS07951402." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20825", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.023", - "lastModified": "2023-09-07T19:14:16.880", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951413." - }, - { - "lang": "es", - "value": "En duraspeed, existe una posible divulgación de información debido a la falta de comprobación de permisos. Esto podría conducir a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07951402; ID de la incidencia: ALPS07951413." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20826", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.137", - "lastModified": "2023-09-07T19:13:15.787", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In cta, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07978550; Issue ID: ALPS07978550." - }, - { - "lang": "es", - "value": "En cta,existe una posible divulgación de información debido a la falta de comprobación de permisos. Esto podría conducir a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. No es necesaria la interacción del usuario para su explotación. ID del parche:ALPS07978550; ID de la incidencia: ALPS07978550." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20827", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.270", - "lastModified": "2023-09-07T19:13:24.850", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In ims service, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937105; Issue ID: ALPS07937105." - }, - { - "lang": "es", - "value": "En el servicio ims, existe una posible corrupción de memoria debido a una condición de carrera. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07937105; ID de la incidencia: ALPS07937105." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.5, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-362" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20828", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.413", - "lastModified": "2023-09-07T19:13:33.270", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144." - }, - { - "lang": "es", - "value": "en gps,existe una posible escritura fuera de límites debido a una comprobación de límites faltantes. Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS08014144; ID del problema: ALPS08014144." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*", - "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20829", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.527", - "lastModified": "2023-09-07T19:07:12.237", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148." - }, - { - "lang": "es", - "value": "En GPS, existe una posible escritura fuera de límites debido a una inexistente comprobación de límites. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08014144; ID de la incidencia: ALPS08014148." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*", - "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20830", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.650", - "lastModified": "2023-09-07T19:07:25.423", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156." - }, - { - "lang": "es", - "value": "En gps, existe una posible escritura fuera de los límites debido a una falta de verificación de los límites. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación.ID de parche: ALPS08014144; ID del problema: ALPS08014156." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*", - "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20831", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.770", - "lastModified": "2023-09-07T19:07:47.907", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162." - }, - { - "lang": "es", - "value": "En gps, existe una posible escritura fuera de límites debido a una comprobación de límites omitida. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08014144; ID de la incidencia: ALPS08014162. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*", - "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20832", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:09.873", - "lastModified": "2023-09-07T19:08:10.287", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530." - }, - { - "lang": "es", - "value": "En gps, existe una posible escritura fuera de los límites debido a una falta de verificación de los límites. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS08014144; ID del problema: ALPS08013530." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*", - "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20833", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.010", - "lastModified": "2023-09-07T19:08:21.983", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764." - }, - { - "lang": "es", - "value": "En keyinstall, existe una posible divulgación de información debido a una comprobación de límites omitida. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08017756; ID de la incidencia: ALPS08017764." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20834", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.063", - "lastModified": "2023-09-07T19:08:44.343", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608514; Issue ID: ALPS07608514." - }, - { - "lang": "es", - "value": "En pda, existe un posible use after free debido a una condición de ejecución. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para la explotación. ID de parche: ALPS07608514; ID del problema: ALPS07608514." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.5, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-362" - }, - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20835", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.183", - "lastModified": "2023-09-07T19:13:46.380", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570." - }, - { - "lang": "es", - "value": "En camsys, existe un posible Use After Free debido a una condición de carrera. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para la explotación. ID del parche: ALPS07341261; ID de la incidencia: ALPS07326570. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.5, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-362" - }, - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20836", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.257", - "lastModified": "2023-09-07T19:14:40.490", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In camsys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505629; Issue ID: ALPS07505629." - }, - { - "lang": "es", - "value": "En camsys, hay una posible lectura fuera de los límites debido a una verificación de los límites faltantes Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS07505629; ID del problema: ALPS07505629." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20837", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.430", - "lastModified": "2023-09-07T14:39:00.457", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786." - }, - { - "lang": "es", - "value": "En seninf, existe una posible escritura fuera de los límites debido a una comprobación de límites omitida. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07992786; ID de la incidencia: ALPS07992786." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20838", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.560", - "lastModified": "2023-09-07T14:41:14.693", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418." - }, - { - "lang": "es", - "value": "En imgsys, existe una posible lectura fuera de límites debido a una condición de carrera. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para la explotación. ID de parche: ALPS07326455; ID del problema: ALPS07326418." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.3, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*", - "matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", - "matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4675A09-0147-4690-8AA1-E3802CA1B3EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20839", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.677", - "lastModified": "2023-09-07T14:41:27.213", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409." - }, - { - "lang": "es", - "value": "En imgsys, existe una posible lectura fuera de los límites debido a una falta de comprobación de rango válido. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para la explotación. ID del parche: ALPS07326455; ID de la incidencia: ALPS07326409. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20840", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:10.827", - "lastModified": "2023-09-07T14:38:08.260", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430." - }, - { - "lang": "es", - "value": "En imgsys, existe una posible lectura y escritura fuera de límites debido a que falta una verificación de rango válido. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para la explotación. ID de parche: ALPS07326430; ID del problema: ALPS07326430." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - }, - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20841", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.003", - "lastModified": "2023-09-07T14:38:22.917", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441." - }, - { - "lang": "es", - "value": "En imgsys, hay una posible escritura fuera de los límites debido a una falta de comprobación de rango válido. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. Se necesita la interacción del usuario para la explotación. ID del parche: ALPS07326455; ID de la incidencia: ALPS07326441. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20842", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.163", - "lastModified": "2023-09-07T14:38:36.610", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe una posible escritura fuera de límites debido a que falta una verificación de rango válido. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para la explotación. ID de parche: ALPS07354259; ID del problema: ALPS07340477." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20843", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.343", - "lastModified": "2023-09-07T14:41:36.843", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para su explotación. ID del parche: ALPS07340119; ID de la incidencia: ALPS07340119. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20844", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.443", - "lastModified": "2023-09-07T14:41:45.870", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para su explotación. ID del parche: ALPS07354058; ID de la incidencia: ALPS07340121." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20845", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.523", - "lastModified": "2023-09-07T14:41:57.077", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357." - }, - { - "lang": "es", - "value": "En imgsys, existe una posible lectura fuera de los límites debido a una falta de comprobación de rango válido. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para la explotación. ID del parche: ALPS07197795; ID de la incidencia: ALPS07340357." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20846", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.637", - "lastModified": "2023-09-07T14:42:09.063", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para su explotación. ID del parche: ALPS07354023; ID de la incidencia: ALPS07340098." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20847", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.717", - "lastModified": "2023-09-07T14:43:55.820", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. Esto podría conducir a una denegación de servicio local con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para su explotación. ID del parche: ALPS07354025; ID de la incidencia: ALPS07340108. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20848", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.830", - "lastModified": "2023-09-07T14:44:06.117", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe una posible lectura fuera de los límites debido a la falta de comprobación de rango válido. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. Se necesita la interacción del usuario para la explotación. ID del parche: ALPS07340433; ID de la incidencia: ALPS07340433." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20849", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:11.983", - "lastModified": "2023-09-07T14:44:14.570", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe un posible Use After Free debido a una falta de comprobación de rango válido. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. Se necesita la interacción del usuario para la explotación. ID del parche: ALPS07340433; ID de incidencia: ALPS07340350." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20850", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:12.033", - "lastModified": "2023-09-07T14:44:28.573", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381." - }, - { - "lang": "es", - "value": "En imgsys_cmdq, existe una posible escritura fuera de límites debido a que falta una verificación de rango válido. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para la explotación. ID de parche: ALPS07340433; ID del problema: ALPS07340381." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20851", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:12.083", - "lastModified": "2023-09-07T19:10:10.583", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635." - }, - { - "lang": "es", - "value": "En el componente stc, hay una posible lectura fuera de límites debido a una condición de carrera. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. Se necesita la interacción del usuario para la explotación. ID del parche: ALPS08048635; ID de la incidencia: ALPS08048635. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.3, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32805", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:12.140", - "lastModified": "2023-09-07T19:10:30.657", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892." - }, - { - "lang": "es", - "value": "En power, existe una posible escritura fuera de límites debido a un valor predeterminado inseguro. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. Se necesita la interacción del usuario para la explotación. ID de parche: ALPS08102892; ID del problema: ALPS08102892." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "03E6123A-7603-4EAB-AFFB-229E8A040709" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32806", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:12.393", - "lastModified": "2023-09-07T19:10:40.267", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589." - }, - { - "lang": "es", - "value": "En el controlador wlan, existe una posible escritura fuera de límites debido a una validación de entrada incorrecta. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07441589; ID de la incidencia: ALPS07441589. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32807", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:12.657", - "lastModified": "2023-09-07T19:12:25.147", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360." - }, - { - "lang": "es", - "value": "En el servicio wlan, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS07588360; ID del problema: ALPS07588360." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*", - "matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32808", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:12.840", - "lastModified": "2023-09-07T19:12:34.423", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849751; Issue ID: ALPS07849751." - }, - { - "lang": "es", - "value": "En el controlador Bluetooth, existe un posible acceso de lectura y escritura a los registros debido a un control de acceso inadecuado de la interfaz de registro. Esto podría conducir a la fuga local de información sensible con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07849751; ID de la incidencia: ALPS07849751." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781wifi:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC1B2D4B-C7C3-420C-9361-6C056B4BCA9E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791wifi:-:*:*:*:*:*:*:*", - "matchCriteriaId": "720F4AA0-6AAE-465F-8F50-F11DD11B5FA3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797wifi:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BD3FB61-EA42-4D3D-9867-7EBCD0B8F647" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32809", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:13.023", - "lastModified": "2023-09-07T19:12:43.770", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849753; Issue ID: ALPS07849753." - }, - { - "lang": "es", - "value": "En bluetooth driver, existe un posible acceso de lectura y escritura a los registros debido a un control de acceso inadecuado de la interfaz de registro. Esto podría provocar una fuga local de información confidencial que requiera privilegios de ejecución del sistema. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS07849753; ID del problema: ALPS07849753." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781wifi:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC1B2D4B-C7C3-420C-9361-6C056B4BCA9E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791wifi:-:*:*:*:*:*:*:*", - "matchCriteriaId": "720F4AA0-6AAE-465F-8F50-F11DD11B5FA3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797wifi:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BD3FB61-EA42-4D3D-9867-7EBCD0B8F647" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32810", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:13.223", - "lastModified": "2023-09-07T19:12:56.850", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212." - }, - { - "lang": "es", - "value": "En el controlador Bluetooth, existe una posible lectura fuera de los límites debido a una validación de entrada incorrecta. Esto podría dar lugar a una fuga de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS07867212; ID de la incidencia: LPS07867212. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "B2EECB3C-723A-492D-A6D7-6A1A73EDBFDF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:4.19:-:*:*:*:*:*:*", - "matchCriteriaId": "CFDAD450-8799-4C2D-80CE-2AA45DEC35CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt5221:-:*:*:*:*:*:*:*", - "matchCriteriaId": "518D4593-D5E2-489C-92C3-343716A621E9" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*", - "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4675A09-0147-4690-8AA1-E3802CA1B3EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", - "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32811", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:13.387", - "lastModified": "2023-09-07T19:13:05.170", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848." - }, - { - "lang": "es", - "value": "En connectivity system driver, existe una posible escritura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a una escalada local de privilegios con privilegios de ejecución del sistema necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS07929848; ID del problema: ALPS07929848." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mediatek:iot_yocto:23.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3C9ED712-53EF-4AF7-AB45-A87B50F6BE16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32812", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:13.440", - "lastModified": "2023-09-07T14:42:25.327", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365." - }, - { - "lang": "es", - "value": "En el servicio gnss, existe una posible escritura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. No es necesaria la interacción del usuario para la explotación. ID del parche: ALPS08017365; ID de la incidencia: ALPS08017365. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "083F6134-FF26-4F1B-9B77-971D342AF774" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32813", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:13.527", - "lastModified": "2023-09-07T14:42:39.470", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017370; Issue ID: ALPS08017370." - }, - { - "lang": "es", - "value": "En el servicio gnss, existe una posible escritura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a la divulgación de información local con privilegios de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación.ID de parche: ALPS08017370; ID del problema: ALPS08017370." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "083F6134-FF26-4F1B-9B77-971D342AF774" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32814", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:13.783", - "lastModified": "2023-09-07T14:42:58.513", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08031947; Issue ID: ALPS08031947." - }, - { - "lang": "es", - "value": "En el servicio gnss, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08031947; ID de la incidencia: ALPS08031947. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "083F6134-FF26-4F1B-9B77-971D342AF774" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32815", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:13.990", - "lastModified": "2023-09-07T14:43:12.923", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801." - }, - { - "lang": "es", - "value": "En el servicio gnss, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08037801; ID de la incidencia: ALPS08037801." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "397C75CA-D217-4617-B8B1-80F74CFB04CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", - "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "083F6134-FF26-4F1B-9B77-971D342AF774" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", - "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4675A09-0147-4690-8AA1-E3802CA1B3EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32816", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:14.220", - "lastModified": "2023-09-07T14:43:32.837", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032." - }, - { - "lang": "es", - "value": "En el servicio gnss, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08044040; ID de la incidencia: ALPS08044032. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "083F6134-FF26-4F1B-9B77-971D342AF774" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32817", - "sourceIdentifier": "security@mediatek.com", - "published": "2023-09-04T03:15:14.277", - "lastModified": "2023-09-07T14:43:42.350", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035." - }, - { - "lang": "es", - "value": "En el servicio gnss, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. Esto podría conducir a la divulgación de información local con privilegios de ejecución del sistema necesarios. No es necesaria la interacción del usuario para su explotación. ID del parche: ALPS08044040; ID de la incidencia: ALPS08044035." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", - "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*", - "matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", - "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*", - "matchCriteriaId": "083F6134-FF26-4F1B-9B77-971D342AF774" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", - "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*", - "matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", - "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/corp.mediatek.com\/product-security-bulletin\/September-2023", - "source": "security@mediatek.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4613", - "sourceIdentifier": "product.security@lge.com", - "published": "2023-09-04T09:15:07.510", - "lastModified": "2023-09-08T14:14:54.583", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the \/api\/settings\/upload endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user." - }, - { - "lang": "es", - "value": "Esta vulnerabilidad permite a atacantes remotos ejecutar código arbitrario en las instalaciones afectadas de LG LED Assistant. No se requiere autenticación para explotar esta vulnerabilidad. El fallo específico existe dentro del endpoint \"\/api\/settings\/upload\". El problema se debe a la falta de validación adecuada de una ruta proporcionada por el usuario antes de utilizarla en operaciones de archivo. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario actual. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", - "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lgsecurity.lge.com\/bulletins\/idproducts#updateDetails", - "source": "product.security@lge.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1221\/", - "source": "product.security@lge.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4754", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-04T09:15:07.897", - "lastModified": "2023-09-06T22:23:47.563", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Out-of-bounds Write in GitHub repository gpac\/gpac prior to 2.3-DEV." - }, - { - "lang": "es", - "value": "Escritura fuera de límites en el repositorio de GitHub gpac\/gpac en versiones anteriores a 2.3-DEV." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.4 - } - ] - }, - "weaknesses": [ - { - "source": "security@huntr.dev", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.3", - "matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/gpac\/gpac\/commit\/7e2e92feb1b30fac1d659f6620d743b5a188ffe0", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4756", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-04T09:15:07.990", - "lastModified": "2023-09-06T22:24:03.187", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Stack-based Buffer Overflow in GitHub repository gpac\/gpac prior to 2.3-DEV." - }, - { - "lang": "es", - "value": "Se ha encontrado un desbordamiento de búfer de pila en el repositorio de GitHub gpac\/gpac anterior a la versión 2.3-DEV." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 3.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "security@huntr.dev", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-121" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.3", - "matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/gpac\/gpac\/commit\/6914d016e2b540bac2c471c4aea156ddef8e8e01", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/2342da0e-f097-4ce7-bfdc-3ec0ba446e05", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-25465", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T10:15:07.940", - "lastModified": "2023-09-06T22:24:13.500", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy wp tell a friend popup form plugin <= 7.1 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el plugin Gopi Ramasamy wp tell a friend popup form en versiones inferiores e incluyendo la 7.1. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:gopiplus:wp-tell-a-friend-popup-form:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "7.1", - "matchCriteriaId": "A9C0F7D7-950A-4F23-8AC4-C612B19B3050" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wp-tell-a-friend-popup-form\/wordpress-wp-tell-a-friend-popup-form-plugin-7-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36382", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T10:15:08.730", - "lastModified": "2023-09-06T22:24:22.910", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeffrey-WP Media Library Categories plugin <= 2.0.0 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Almacenada autenticada (con permisos de admin o superior) en el complemento Jeffrey-WP Media Library Categories en versiones <= 2.0.0" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jeffrey-wp:media_library_categories:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "2.0.1", - "matchCriteriaId": "969EF919-FC7D-4493-8DA4-BC89FDBA2304" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wp-media-library-categories\/wordpress-media-library-categories-plugin-2-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39162", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T10:15:08.913", - "lastModified": "2023-09-06T22:24:31.437", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XLPlugins User Email Verification for WooCommerce plugin <= 3.5.0 versions." - }, - { - "lang": "es", - "value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) reflejado no autenticado en el plugin de XLPlugins llamado User Email Verification para WooCommerce en versiones anteriores e incluyendo la 3.5.0. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:xlplugins:woo-confirmation-email:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "3.5.0", - "matchCriteriaId": "2D025551-1467-4FAB-86A4-F71DD77C281E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/woo-confirmation-email\/wordpress-user-email-verification-for-woocommerce-plugin-3-5-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39164", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T10:15:09.097", - "lastModified": "2023-09-12T19:42:29.390", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui plugin <= 4.6.19 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en Molongui Author Box para Autores, Coautores, Múltiples Autores y Autores Invitados: el complemento Molongui en versiones <= 4.6.19." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:amitzy:molongui:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "4.6.20", - "matchCriteriaId": "EDAC446F-73BC-4F20-9EB6-F999961B2760" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/molongui-authorship\/wordpress-molongui-plugin-4-6-18-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30494", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:39.627", - "lastModified": "2023-09-06T22:24:54.537", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.10 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada no autenticada en el plugin ImageRecycle pdf & image compression en versiones anteriores e incluyendo la 3.1.10. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:imagerecycle:imagerecycle_pdf_\\&_image_compression:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.1.11", - "matchCriteriaId": "482CBB3F-C701-444D-A79E-C2A79C6E34D0" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/imagerecycle-pdf-image-compression\/wordpress-imagerecycle-pdf-image-compression-plugin-3-1-10-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-31220", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:40.123", - "lastModified": "2023-09-06T22:25:04.397", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP-EXPERTS.IN TEAM WP Categories Widget plugin <= 2.2 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento en WP-EXPERTS.IN TEAM WP Categories Widge versiones <= 2.2 " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wp-experts:wp-categories-widget:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.2", - "matchCriteriaId": "69479C27-EB03-4C7B-A715-F0886E8E1292" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wp-categories-widget\/wordpress-wp-categories-widget-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37393", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:40.383", - "lastModified": "2023-09-06T22:25:13.517", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions." - }, - { - "lang": "es", - "value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) almacenado y autenticado (con permisos de administrador o superiores) en el plugin Atarim Visual Website Collaboration, Feedback & Project Management – Atarim en versiones anteriores e incluyendo la 3.9.3. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:atarim:atarim:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.9.4", - "matchCriteriaId": "EF87BDBB-2979-47C9-B3D8-4CC14F6C4868" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/atarim-visual-collaboration\/wordpress-atarim-plugin-3-9-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39918", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:40.483", - "lastModified": "2023-09-06T22:25:23.327", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <= 1.6.01 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento SAASPROJECT Booking Package Booking Package versiones <= 1.6.01" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:saasproject:booking_package:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.6.02", - "matchCriteriaId": "B6C4693F-2A45-4813-9215-A4C01AC36F82" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/booking-package\/wordpress-booking-package-plugin-1-6-01-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39919", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:40.627", - "lastModified": "2023-09-06T22:25:35.907", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany – Protected Shops plugin <= 2.0 versions." - }, - { - "lang": "es", - "value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) almacenado y autenticado con permisos de administrador o superiores en el plugin maennchen1.De wpShopGermany – Protected Shops en versiones anteriores e incluyendo la 2.0. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:maennchen1:wpshopgermany_-_protected_shops:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "2.1", - "matchCriteriaId": "FCE4F01F-B4E5-4FF3-BA2D-4D63A9829C32" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wpshopgermany-protectedshops\/wordpress-wpshopgermany-protected-shops-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39987", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:40.737", - "lastModified": "2023-09-06T22:25:44.800", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay Lulia wSecure Lite plugin <= 2.5 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Ajay Lulia wSecure Lite versiones <= 2.5 " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:joomlaserviceprovider:wsecure:*:*:*:*:lite:wordpress:*:*", - "versionEndIncluding": "2.5", - "matchCriteriaId": "769CE48F-8B96-4029-90E3-DF3F59C56BB6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wsecure\/wordpress-wsecure-lite-plugin-2-5-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39988", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:40.840", - "lastModified": "2023-11-07T04:17:44.050", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 标准云(std.Cloud) WxSync plugin <= 2.7.23 versions." - }, - { - "lang": "es", - "value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) reflejado y autenticado (con permisos de contribuidor o superiores) en el plugin WxSync en versiones anteriores e incluyendo la 2.7.23. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:tencent:wxsync:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.7.23", - "matchCriteriaId": "5FB15F10-6D2D-43C3-B01C-54F08DE690C2" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wxsync\/wordpress-wxsync-plugin-2-7-23-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39991", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:40.933", - "lastModified": "2023-09-08T14:05:34.107", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blindside Networks BigBlueButton plugin <= 3.0.0-beta.4 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) reflejada no Autenticada en el complemento Blindside Networks BigBlueButton en versiones <= 3.0.0-beta.4" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.0.0", - "matchCriteriaId": "0F2E0415-2A61-47D3-A093-DA000BE271D0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta1:*:*:*:wordpress:*:*", - "matchCriteriaId": "A318CF14-A9CD-44FF-8D96-E5EA46C94A86" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta2:*:*:*:wordpress:*:*", - "matchCriteriaId": "A571F96D-8435-4404-94C2-E755E64803BD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta3:*:*:*:wordpress:*:*", - "matchCriteriaId": "2CB5CD5B-A00A-4D9F-B008-3BBD05836B81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta4:*:*:*:wordpress:*:*", - "matchCriteriaId": "1E8C6565-6A53-46FA-BCF4-C73820651D0F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/bigbluebutton\/wordpress-bigbluebutton-plugin-3-0-0-beta-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39992", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:41.030", - "lastModified": "2023-09-06T22:32:25.333", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.3.2 versions." - }, - { - "lang": "es", - "value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) reflejado no autenticado en el plugin vCita.Com Online Booking & Scheduling Calendar para WordPress de vcita en versiones anteriores e incluyendo la 4.3.2. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vcita:online_booking_\\&_scheduling_calendar_for_wordpress_by_vcita:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "4.3.3", - "matchCriteriaId": "8BF8819C-9FBF-40E4-BC21-D552BE257E48" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/meeting-scheduler-by-vcita\/wordpress-online-booking-scheduling-calendar-for-wordpress-by-vcita-plugin-4-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40206", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:41.133", - "lastModified": "2023-09-06T22:32:35.350", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin <= 1.0.3 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento hwk-fr WP 404 que redirecciona automáticamente a una publicación similar en versiones <= 1.0.3 ." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hwk:wp_404_auto_redirect_to_similar_post:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.0.3", - "matchCriteriaId": "9E2B717C-A6D7-4363-9DCE-9797D0291C73" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wp-404-auto-redirect-to-similar-post\/wordpress-wp-404-auto-redirect-to-similar-post-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40208", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T11:15:41.227", - "lastModified": "2023-11-07T04:20:08.870", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aleksandar Urošević Stock Ticker plugin <= 3.23.3 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) reflejado no autenticado en el plugin Stock Ticker de Aleksandar Uroševi? en versiones anteriores e incluyendo la 3.23.3." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:urosevic:stock_ticker:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.23.4", - "matchCriteriaId": "43BE00CD-7981-4F29-9148-43F305E1AD46" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/stock-ticker\/wordpress-stock-ticker-plugin-3-23-3-unauth-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4614", - "sourceIdentifier": "product.security@lge.com", - "published": "2023-09-04T11:15:41.560", - "lastModified": "2023-09-08T14:14:50.043", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the \/api\/installation\/setThumbnailRc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user." - }, - { - "lang": "es", - "value": "Esta vulnerabilidad permite a atacantes remotos ejecutar código arbitrario en las instalaciones afectadas de LG LED Assistant. No se requiere autenticación para explotar esta vulnerabilidad. El fallo específico existe dentro del endpoint \/api\/installation\/setThumbnailRc. El problema se debe a la falta de validación adecuada de una ruta proporcionada por el usuario antes de utilizarla en operaciones de archivo. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario actual." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", - "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lgsecurity.lge.com\/bulletins\/idproducts#updateDetails", - "source": "product.security@lge.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1222\/", - "source": "product.security@lge.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4615", - "sourceIdentifier": "product.security@lge.com", - "published": "2023-09-04T11:15:41.657", - "lastModified": "2023-09-08T14:14:45.633", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the \/api\/download\/updateFile endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user." - }, - { - "lang": "es", - "value": "Esta vulnerabilidad permite a atacantes remotos revelar información sensible en las instalaciones afectadas de LG LED Assistant. No se requiere autenticación para explotar esta vulnerabilidad. El fallo específico existe dentro del endpoint \"\/api\/download\/updateFile\". El problema se debe a la falta de validación adecuada de una ruta proporcionada por el usuario antes de utilizarla en operaciones de archivo. Un atacante puede aprovechar estas vulnerabilidad para revelar información en el contexto del usuario actual. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", - "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lgsecurity.lge.com\/bulletins\/idproducts#updateDetails", - "source": "product.security@lge.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1224\/", - "source": "product.security@lge.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4616", - "sourceIdentifier": "product.security@lge.com", - "published": "2023-09-04T11:15:41.747", - "lastModified": "2023-09-08T14:14:22.880", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the \/api\/thumbnail endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user." - }, - { - "lang": "es", - "value": "Esta vulnerabilidad permite a atacantes remotos revelar información sensible en las instalaciones afectadas de LG LED Assistant. No se requiere autenticación para explotar esta vulnerabilidad. El fallo específico existe dentro del endpoint \/api\/thumbnail. El problema se debe a la falta de validación adecuada de una ruta proporcionada por el usuario antes de utilizarla en operaciones de archivo.Un atacante puede aprovechar estas vulnerabilidad para revelar información en el contexto del usuario actual." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - }, - { - "source": "product.security@lge.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", - "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lgsecurity.lge.com\/bulletins\/idproducts#updateDetails", - "source": "product.security@lge.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1223\/", - "source": "product.security@lge.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-2813", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:08.997", - "lastModified": "2023-11-07T04:13:22.220", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2, BunnyPressLite WordPress theme before 2.1, Cafe Bistro WordPress theme before 1.1.4, College WordPress theme before 1.5.1, Connections Reloaded WordPress theme through 3.1, Counterpoint WordPress theme through 1.8.1, Digitally WordPress theme through 1.0.8, Directory WordPress theme before 3.0.2, Drop WordPress theme before 1.22, Everse WordPress theme before 1.2.4, Fashionable Store WordPress theme through 1.3.4, Fullbase WordPress theme before 1.2.1, Ilex WordPress theme before 1.4.2, Js O3 Lite WordPress theme through 1.5.8.2, Js Paper WordPress theme through 2.5.7, Kata WordPress theme before 1.2.9, Kata App WordPress theme through 1.0.5, Kata Business WordPress theme through 1.0.2, Looki Lite WordPress theme before 1.3.0, moseter WordPress theme through 1.3.1, Nokke WordPress theme before 1.2.4, Nothing Personal WordPress theme through 1.0.7, Offset Writing WordPress theme through 1.2, Opor Ayam WordPress theme through 18, Pinzolo WordPress theme before 1.2.10, Plato WordPress theme before 1.1.9, Polka Dots WordPress theme through 1.2, Purity Of Soul WordPress theme through 1.9, Restaurant PT WordPress theme before 1.1.3, Saul WordPress theme before 1.1.0, Sean Lite WordPress theme before 1.4.6, Tantyyellow WordPress theme through 1.0.0.5, TIJAJI WordPress theme through 1.43, Tiki Time WordPress theme through 1.3, Tuaug4 WordPress theme through 1.4, Tydskrif WordPress theme through 1.1.3, UltraLight WordPress theme through 1.2, Venice Lite WordPress theme before 1.5.5, Viala WordPress theme through 1.3.1, viburno WordPress theme before 1.3.2, Wedding Bride WordPress theme before 1.0.2, Wlow WordPress theme before 1.2.7 suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link." - }, - { - "lang": "es", - "value": "Todo lo anterior: Tema de WordPress de Aapna hasta 1.3, Tema de WordPress de Anand hasta 1.2, Tema de WordPress de Anfaust hasta 1.1, Tema de WordPress de Arendelle antes de 1.1.13, Tema de WordPress de Atlast Business hasta 1.5.8.5, Tema de WordPress de Bazaar Lite antes de 1.8.6, Tema de WordPress de Brain Power hasta 1.2, tema de WordPress BunnyPressLite anterior a 2.1, tema de WordPress Cafe Bistro anterior a 1.1.4, tema de WordPress College anterior a 1.5.1, tema de WordPress Connections Reloaded hasta 3.1, tema de WordPress Counterpoint hasta 1.8.1, tema de WordPress digital hasta 1.0.8 , Tema Directory WordPress anterior a 3.0.2, Tema Drop WordPress anterior a 1.22, Tema Everse WordPress anterior a 1.2.4, Tema Fashionable Store WordPress hasta 1.3.4, Tema Fullbase WordPress anterior a 1.2.1, Tema Ilex WordPress anterior a 1.4.2, Tema Js O3 Lite WordPress hasta 1.5.8.2, tema Js Paper WordPress hasta 2.5.7, tema Kata WordPress anterior a 1.2.9, tema Kata App WordPress hasta 1.0.5, tema Kata Business WordPress hasta 1.0.2, tema Looki Lite WordPress anterior a 1.3. 0, tema de WordPress moseter hasta 1.3.1, tema de WordPress Nokke anterior a 1.2.4, tema de WordPress Nothing Personal hasta 1.0.7, tema de WordPress Offset Writing hasta 1.2, tema de WordPress Opor Ayam hasta 18, tema de WordPress Pinzolo anterior a 1.2.10, Plato Tema de WordPress anterior a 1.1.9, tema de WordPress Polka Dots hasta 1.2, tema de WordPress Purity Of Soul hasta 1.9, tema de WordPress Restaurant PT anterior a 1.1.3, tema de WordPress Saul anterior a 1.1.0, tema de WordPress Sean Lite anterior a 1.4.6, tema de WordPress TantyYellow tema hasta 1.0.0.5, tema TIJAJI WordPress hasta 1.43, tema Tiki Time WordPress hasta 1.3, tema Tuaug4 WordPress hasta 1.4, tema Tydskrif WordPress hasta 1.1.3, tema UltraLight WordPress hasta 1.2, tema Venice Lite WordPress antes 1.5.5, tema Viala de WordPress hasta 1.3.1, tema viburno de Wordpress anterior a 1.3.2, el tema de WordPress Wedding Bride anterior a 1.0.2, el tema de WordPress Wlow anterior a 1.2.7 sufren el mismo problema en el cuadro de búsqueda que refleja los resultados, lo que provoca XSS, lo que permite a un atacante no autenticado explotar contra los usuarios si hacen clic en un enlace malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ajaydsouza:connections_reloaded:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "3.1", - "matchCriteriaId": "FC619990-8F11-4698-BCEF-3B8DD5C59329" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:archimidismertzanos:atlast_business:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.5.8.5", - "matchCriteriaId": "DDEE57D1-B2F5-4BD2-9EF1-B8E4AB75073C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:archimidismertzanos:fashionable_store:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.3.4", - "matchCriteriaId": "BBB68EBA-C10F-4AB8-971B-EA6176A71E1D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:archimidismertzanos:nothing_personal:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.0.7", - "matchCriteriaId": "C0F40F7A-8CEF-4A84-93D4-F49D2114BE69" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:arthousewebdesign:brain_power:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.2", - "matchCriteriaId": "4CCF6D05-1D7B-4047-8BBD-86BCCBF866F9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:asmedia:moseter:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.3.1", - "matchCriteriaId": "ECD82D25-6B02-49FD-835E-A1D4C445FF8C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:asmedia:tuaug4:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.4", - "matchCriteriaId": "68145A42-BC69-40EA-8695-31C425D01FCA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ayecode:cafe_bistro:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.1.4", - "matchCriteriaId": "EC1DF84C-3A23-4A8E-A54A-7BC185F53ADA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ayecode:college:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.5.1", - "matchCriteriaId": "9CEA1A3F-6AFD-4194-9292-EA6C8456D765" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ayecode:directory:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.0.2", - "matchCriteriaId": "C395E13F-EEA7-4DC5-9230-B59402C84168" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ayecode:plato:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.1.9", - "matchCriteriaId": "45E8EAFF-63D6-4899-BFBF-09B620F217F0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ayecode:restaurant_pt:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.1.3", - "matchCriteriaId": "8CE7D44C-0932-4CDD-BA72-49E234E0C426" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ayecode:wedding_bride:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.0.2", - "matchCriteriaId": "EE07BCB9-4215-4AE0-805D-FBD5DD285EBD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:climaxthemes:kata:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.2.9", - "matchCriteriaId": "DC35CC33-E529-4F62-95BE-998515CB6EB5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:competethemes:drop:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.22", - "matchCriteriaId": "218E633E-35E3-4A83-9FAA-75B63C94274F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:davidgarlitz:viala:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.3.1", - "matchCriteriaId": "23BCA780-5DB4-4230-83AF-5406A6FF7462" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:deothemes:arendelle:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.1.13", - "matchCriteriaId": "FE702DF3-7E40-46C8-810F-64B27D637D6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:deothemes:everse:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.2.4", - "matchCriteriaId": "CD63208F-9340-4BDE-B35F-D8DBD3741199" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:deothemes:nokke:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.2.4", - "matchCriteriaId": "10724AAE-A344-4568-8144-30E459375D34" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:dotecsa:ilex:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.4.2", - "matchCriteriaId": "F424B5F2-4F0F-44B4-90E6-7A1981E55BCA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:dotecsa:viburno:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.3.2", - "matchCriteriaId": "590A1188-B585-4B9C-AEC1-F5181DBCAC1C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fredriksoerlie:ultralight:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.2", - "matchCriteriaId": "6F5F6918-F402-4C23-B338-D40403822B57" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fyrewurks:polka_dots:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.2", - "matchCriteriaId": "CDBF89FE-41D5-40DF-81B4-074D43773C69" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fyrewurks:tiki_time:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.3", - "matchCriteriaId": "31D78289-FD0A-4A1F-A40D-4301035C7E53" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:henleythemes:counterpoint:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.8.1", - "matchCriteriaId": "B323551D-143E-433F-BE74-085A8F51C701" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:iznyn:opor_ayam:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.8", - "matchCriteriaId": "3598764E-DCDC-4573-B70F-8280361DB21C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:iznyn:purity_of_soul:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.9", - "matchCriteriaId": "0474A022-A2EB-4AF0-963A-47E1FAA8A2B2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jinwen:js_o3_lite:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.5.8.2", - "matchCriteriaId": "13ADCF9B-2041-4E16-8A62-DE398959E59C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jinwen:js_paper:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.5.7", - "matchCriteriaId": "F1455721-3008-44D4-80F1-DA943BF3BFE1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:marchettidesign:fullbase:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.2.1", - "matchCriteriaId": "6CD196CC-3D41-4EC8-A237-54A7BD522099" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:marchettidesign:wlow:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.2.7", - "matchCriteriaId": "377EAF0E-BA22-459F-89A6-D15D4090C804" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:omarfolgheraiter:digitally:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.0.8", - "matchCriteriaId": "07ED0214-C2DD-40BC-86EE-AAD622D25C22" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:saumendra:aapna:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.3", - "matchCriteriaId": "B082473E-6F4C-4448-8766-1FBE89E1D10E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:saumendra:anand:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.2", - "matchCriteriaId": "BEF23F81-03A8-4DCC-8F98-715234FDC43C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ta2g:tantyyellow:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.0.0.5", - "matchCriteriaId": "9CFDBE4A-3E8A-41FC-8BCF-6507A8508FE2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:themeinprogress:bazaar_lite:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.8.6", - "matchCriteriaId": "C2E7C397-B7C3-4493-8E87-1D8C7D14113E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:themeinprogress:looki_lite:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.3.0", - "matchCriteriaId": "2688B0AA-6821-4D75-9DF6-00EA981CE167" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:themeinprogress:saul:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.1.0", - "matchCriteriaId": "EA8E3526-7407-4F58-890D-A9BFA4A5E6D7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:themeinprogress:saul_lite:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.4.6", - "matchCriteriaId": "ABEA7EF0-8167-49C6-A525-4DF0A7B7333C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:themeinprogress:venice_lite:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.5.5", - "matchCriteriaId": "AED2D2B5-DD92-499D-B2A5-5DC2CB36FF5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:thewebhunter:anfaust:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.1", - "matchCriteriaId": "4CD69ED8-2D09-4581-AEFF-A5D732925D0F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:thewebhunter:offset_writing:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.2", - "matchCriteriaId": "1ECC9918-D427-474B-9203-E252DE124A5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:thriveweb:pinzolo:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.2.10", - "matchCriteriaId": "437914C2-EDB1-463D-8042-5F57C84E869B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:tijaji:tijaji:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.43", - "matchCriteriaId": "E894F192-8011-4B01-983F-83AE1D0FF4E5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wpmole:tydskrif:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.1.3", - "matchCriteriaId": "54533C40-8291-423B-9654-B8755DEB6848" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:yws:bunnypress_lite:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.1", - "matchCriteriaId": "FA21C775-16E5-44C4-B54A-6EB21FD6149D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/f434afd3-7de4-4bf4-a9bb-9f9aeaae1dc5", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30485", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.140", - "lastModified": "2023-09-06T22:32:53.097", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider – Avartan Slider Lite plugin <= 1.5.3 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) reflejado no autenticado en el plugin Solwin Infotech Responsive WordPress Slider – Avartan Slider Lite en versiones anteriores e incluyendo la 1.5.3. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:solwininfotech:avartan-slider-lite:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.5.3", - "matchCriteriaId": "0FB3F383-EFC8-4314-8436-A0604BB2B4B1" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/avartan-slider-lite\/wordpress-avartan-slider-lite-plugin-1-5-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32102", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.220", - "lastModified": "2023-09-06T22:33:02.990", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Pexle Chris Library Viewer plugin <= 2.0.6 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Pexle Chris Library Viewer en versiones <= 2.0.6." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:pexlechris:library_viewer:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "2.0.6.1", - "matchCriteriaId": "95AD58F4-1380-4B2D-89A0-FB648EF76491" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/library-viewer\/wordpress-library-viewer-plugin-2-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32296", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.313", - "lastModified": "2023-09-06T22:33:10.717", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kangu para WooCommerce plugin <= 2.2.9 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) reflejado no autenticado en el plugin Kangu para WooCommerce en versiones anteriores e incluyendo la 2.2.9. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:kangu:kangu:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.2.9", - "matchCriteriaId": "21E9192F-5ABA-4185-96CD-602A576F9025" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/kangu\/wordpress-kangu-para-woocommerce-plugin-2-2-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32578", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.400", - "lastModified": "2023-09-06T22:33:28.527", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Column-Matic plugin <= 1.3.3 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Twinpictures Column-Matic en versiones <= 1.3.3." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:column-matic_project:column-matic:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.3.3", - "matchCriteriaId": "D6A90874-16F6-44F4-8DED-8E2512431EED" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/column-matic\/wordpress-column-matic-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3499", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:09.493", - "lastModified": "2023-11-07T04:18:50.963", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" - }, - { - "lang": "es", - "value": "El plugin The Photo Gallery, Images, Slider in Rbs Image Gallery para WordPress antes de la versión 3.2.16 no sanitiza ni escapa alguno de sus ajustes, lo que podría permitir a los usuarios de alto privilegio, tales como administradores, llevar a cabo ataques de Cross-Site Scripting (XSS) almacenado incluso cuando la capacidad \"unfiltered_html\" no está permitida (por ejemplo, en la configuración multisitio). " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:robogallery:robo_gallery:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.2.16", - "matchCriteriaId": "AEA1F3F1-BBD6-4525-8AD6-8E9E854307C4" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/ea29413b-494e-410e-ae42-42f96284899c", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3814", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:09.570", - "lastModified": "2023-11-07T04:19:44.357", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server." - }, - { - "lang": "es", - "value": "El complemento de WordPress Advanced File Manager anterior a 5.1.1 no autoriza adecuadamente su uso en instalaciones multisitio, lo que permite a los usuarios administradores del sitio enumerar y leer archivos y carpetas arbitrarios en el servidor." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:advancedfilemanager:advanced_file_manager:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "5.1.1", - "matchCriteriaId": "783D21AA-E44F-42FA-9295-9AE04E578323" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/ca954ec6-6ebd-4d72-a323-570474e2e339", - "source": "contact@wpscan.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40196", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.647", - "lastModified": "2023-09-08T06:47:13.897", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.11 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) reflejado no autenticado en el plugin ImageRecycle pdf & image compression en versiones anteriores e incluyendo la 3.1.11. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:imagerecycle:imagerecycle_pdf_\\&_image_compression:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.1.12", - "matchCriteriaId": "F7D48EC5-C1E6-4658-B711-D6778276DCB3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/imagerecycle-pdf-image-compression\/wordpress-imagerecycle-pdf-image-compression-plugin-3-1-11-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40197", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.737", - "lastModified": "2023-09-08T06:47:28.880", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Devaldi Ltd flowpaper plugin <= 1.9.9 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Devaldi Ltd flowpaper en versiones <= 1.9.9 ." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:flowpaper:flowpaper:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "2.0.0", - "matchCriteriaId": "5D110F02-CF15-467A-A4AD-945F638DB68D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/flowpaper-lite-pdf-flipbook\/wordpress-flowpaper-plugin-1-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40205", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.823", - "lastModified": "2023-09-08T06:47:50.370", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pixelgrade PixTypes plugin <= 1.4.15 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejado no autenticado en el plugin Pixelgrade PixTypes en versiones anteriores e incluyendo la 1.4.15." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:pixelgrade:pixtypes:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.4.15", - "matchCriteriaId": "BE31ACBF-A272-40D5-968B-30DB6D75635B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/pixtypes\/wordpress-pixtypes-plugin-1-4-15-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40214", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-04T12:15:09.917", - "lastModified": "2023-09-08T06:48:16.773", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vathemes Business Pro theme <= 1.10.4 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Vathemes Business Pro theme versiones <= 1.10.4." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:bestdivichild:business_pro:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.10.4", - "matchCriteriaId": "3209FABA-3358-4C69-BC48-81109031A7E3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/business-pro\/wordpress-business-pro-theme-1-10-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4019", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.037", - "lastModified": "2023-11-07T04:22:03.283", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases." - }, - { - "lang": "es", - "value": "El complemento Media from FTP de WordPress anterior a la versión 11.17 no limita adecuadamente quién puede usar el complemento, lo que puede permitir a los usuarios con privilegios de autor+ mover archivos, como wp-config.php, lo que puede provocar RCE en algunos casos.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:riverforest-wp:media_from_ftp:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "11.17", - "matchCriteriaId": "411B5FD2-5034-4252-8D7D-20ACD763C53A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/0d323b07-c6e7-4aba-85bc-64659ad0c85d", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4059", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.110", - "lastModified": "2023-11-07T04:22:04.680", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Profile Builder WordPress plugin before 3.9.8 lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog" - }, - { - "lang": "es", - "value": "El complemento Profile Builder de WordPress anterior a 3.9.8 carece de autorización y CSRF en su función de creación de páginas, lo que permite a usuarios no autenticados crear páginas de registro, inicio de sesión y edición de perfil desde el complemento en el blog." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - }, - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.9.8", - "matchCriteriaId": "C4A365CC-2DF7-4631-AE56-71BE078F9148" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/fc719d12-2f58-4d1f-b696-0f937e706842", - "source": "contact@wpscan.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4151", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.187", - "lastModified": "2023-11-07T04:22:11.493", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" - }, - { - "lang": "es", - "value": "El plugin Store Locator para WordPress anterior a la versión 1.4.13 no sanitiza ni escapa un nonce inválido antes de devolverlo en una respuesta AJAX, lo que da lugar a un Cross-Site Scripting (XSS) reflejado que podría utilizarse contra usuarios con privilegios elevados, como los administradores. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:agilelogix:store_locator:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.4.13", - "matchCriteriaId": "BBABF197-4EA1-48E2-9471-0AACB345391F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/c9d80aa4-a26d-4b3f-b7bf-9d2fb0560d7b", - "source": "contact@wpscan.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4216", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.257", - "lastModified": "2023-11-07T04:22:20.767", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. The content retrieved is however limited to the first line of the file." - }, - { - "lang": "es", - "value": "El plugin Orders Tracking for WooCommerce de WordPress versiones anteriores a 1.2.6 no valida el archivo_url parameter cuando se importa un archivo CSV, permitiendo a los usuarios de altos privilegios con la capacidad manage_woocommerce a acceder a cualquier archivo en el servidor web a través de un ataque transversal. in embargo, el contenido recuperado se limita a la primera línea del fichero." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 2.7, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.2, - "impactScore": 1.4 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:villatheme:orders_tracking_for_woocommerce:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.2.6", - "matchCriteriaId": "11C15F9C-1CB9-4A4C-AA26-62C47C1F352A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/8189afc4-17b3-4696-89e1-731011cb9e2b", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4253", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.333", - "lastModified": "2023-11-07T04:22:22.487", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" - }, - { - "lang": "es", - "value": "El plugin AI ChatBot para WordPress anterior a la versión 4.7.8 no sanitiza ni escapa alguno de sus ajustes, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting (XSS) almacenado incluso cuando la función \"unfiltered_html\" no está permitida (por ejemplo, en una configuración multisitio)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "4.7.8", - "matchCriteriaId": "3E7BCEE7-BF2A-42B9-88C7-A3D86854A1D0" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/1cbbab9e-be3d-4081-bc0e-c52d500d9871", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4254", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.403", - "lastModified": "2023-11-07T04:22:22.627", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" - }, - { - "lang": "es", - "value": "El complemento AI ChatBot WordPress anterior a 4.7.8 no sanea y escapa de algunas de sus configuraciones, o que podría permitir a usuarios con privilegios elevados, como administradores, realizar ataques de Cross-Site Scripting almacenados incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en configuración multisitio)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "4.7.8", - "matchCriteriaId": "3E7BCEE7-BF2A-42B9-88C7-A3D86854A1D0" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/0dfffe48-e60d-4bab-b194-8a63554246c3", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4269", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.470", - "lastModified": "2023-11-07T04:22:22.850", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The User Activity Log WordPress plugin before 1.6.6 lacks proper authorisation when exporting its activity logs, allowing any authenticated users, such as subscriber to perform such action and retrieve PII such as email addresses." - }, - { - "lang": "es", - "value": "El complemento de WordPress Registro de Actividad del Usuario anterior a 1.6.6 carece de la autorización adecuada al exportar sus registros de actividad, lo que permite a cualquier usuario autenticado, como un suscriptor, realizar dicha acción y recuperar PII, como direcciones de correo electrónico." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:solwininfotech:user_activity_log:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.6.6", - "matchCriteriaId": "29A3F2DC-6FFA-488B-8B66-F30684240C97" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/db3e4336-117c-47f2-9b43-2ca115525297", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4279", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.547", - "lastModified": "2023-11-07T04:22:24.490", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic." - }, - { - "lang": "es", - "value": "El plugin de WordPress User Activity Log anterior a la versión 1.6.7 recupera direcciones IP de clientes a partir de cabeceras potencialmente no fiables, lo que permite a un atacante manipular su valor. Esto puede utilizarse para ocultar el origen del tráfico malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:solwininfotech:user_activity_log:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.6.7", - "matchCriteriaId": "A9F30F19-B6B0-4238-BAB7-20086472AA82" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/2bd2579e-b383-4d12-b207-6fc32cfb82bc", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4284", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.627", - "lastModified": "2023-11-07T04:22:25.233", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" - }, - { - "lang": "es", - "value": "El plugin de WordPress Post Timeline anterior a la versión 2.2.6 no sanea y escapa de un nonce inválido antes de devolverlo en una respuesta AJAX, lo que lleva a un Reflected Cross-Site Scripting que podría ser utilizado contra usuarios con privilegios elevados como el administrador." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:agilelogix:post_timeline:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "2.2.6", - "matchCriteriaId": "02928EDD-1486-4573-A885-E95FCFE201E4" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/1c126869-0afa-456f-94cc-10334964e5f9", - "source": "contact@wpscan.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4298", - "sourceIdentifier": "contact@wpscan.com", - "published": "2023-09-04T12:15:10.693", - "lastModified": "2023-11-07T04:22:26.147", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The 123.chat WordPress plugin before 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" - }, - { - "lang": "es", - "value": "El plugin 123.chat para WordPress anterior a la versión 1.3.1 no sanitiza ni escapa algunos de sus parámetros, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realiza ataques Cross-Site Scripting (XSS) almacenado incluso cuando la función \"unfiltered_html\" no está permitida (por ejemplo, en una configuración multisitio)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:123.chat:123.chat:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "1.3.1", - "matchCriteriaId": "FC593906-A926-4F05-B83A-CBBA5BFBCC39" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/wpscan.com\/vulnerability\/36285052-8464-4fd6-b4b1-c175e730edad", - "source": "contact@wpscan.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4587", - "sourceIdentifier": "cve-coordination@incibe.es", - "published": "2023-09-04T12:15:10.760", - "lastModified": "2024-06-04T19:17:54.610", - "vulnStatus": "Modified", - "cveTags": [ - { - "sourceIdentifier": "cve-coordination@incibe.es", - "tags": [ - "unsupported-when-assigned" - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server." - }, - { - "lang": "es", - "value": "** NO COMPATIBLE CUANDO ESTÁ ASIGNADO ** ** una vulnerabilidad IDOR se ha encontrado en el producto ZKTeco ZEM800 que afecta a la versión 6.60.Esta vulnerabilidad permite a un atacante local obtener archivos de copia de seguridad de usuarios registrados o archivos de configuración de dispositivos a través de una red local o mediante un servidor VPN." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:L", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "LOW", - "baseScore": 8.3, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.5 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-639" - } - ] - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-639" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:zkteco:zem800_firmware:6.60:*:*:*:*:*:*:*", - "matchCriteriaId": "A141C52A-A102-4637-825C-631603AFE047" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:zkteco:zem800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "861E1B88-7815-4286-99DE-6AA4E2F27AAA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.incibe.es\/en\/incibe-cert\/notices\/aviso\/insecure-direct-object-reference-zkteco-zem800", - "source": "cve-coordination@incibe.es", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3221", - "sourceIdentifier": "cve-coordination@incibe.es", - "published": "2023-09-04T13:15:32.853", - "lastModified": "2023-09-08T14:12:14.190", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database." - }, - { - "lang": "es", - "value": "Se ha descubierto una vulnerabilidad de enumeración de usuarios en el plugin Password Recovery versión 1.2 para Roundcube, que podría permitir a un atacante remoto crear un script de prueba contra la función de recuperación de contraseñas para enumerar todos los usuarios de la base de datos. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-203" - } - ] - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-204" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*", - "matchCriteriaId": "5AC9878D-1A6B-46C0-843F-69EF179F85D6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.incibe.es\/en\/incibe-cert\/notices\/aviso\/multiple-vulnerabilities-roundcube-password-recovery-plugin", - "source": "cve-coordination@incibe.es", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3222", - "sourceIdentifier": "cve-coordination@incibe.es", - "published": "2023-09-04T13:15:33.987", - "lastModified": "2023-09-08T14:07:29.030", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests." - }, - { - "lang": "es", - "value": "Se ha descubierto una vulnerabilidad en el mecanismo de recuperación de contraseñas del plugin Password Recovery para Roundcube, en su versión 1.2, que podría permitir a un atacante remoto cambiar la contraseña de un usuario existente añadiendo un token numérico de 6 dígitos. Un atacante podría crear un script automático para probar todos los valores posibles, ya que la plataforma no tiene límite en el número de peticiones. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-640" - } - ] - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-640" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*", - "matchCriteriaId": "5AC9878D-1A6B-46C0-843F-69EF179F85D6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.incibe.es\/en\/incibe-cert\/notices\/aviso\/multiple-vulnerabilities-roundcube-password-recovery-plugin", - "source": "cve-coordination@incibe.es", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4733", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-04T14:15:07.563", - "lastModified": "2024-02-01T17:56:32.277", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Use After Free in GitHub repository vim\/vim prior to 9.0.1840." - }, - { - "lang": "es", - "value": "Use After Free en el repositorio de GitHub vim\/vim anterior a 9.0.1840." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.3, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.3, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security@huntr.dev", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.0.1840", - "matchCriteriaId": "3665420B-1EB9-4491-903B-1822D5FD0E8A" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "14.1", - "matchCriteriaId": "2BB2BFC1-74A1-4178-8488-69EC5A60B34F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/seclists.org\/fulldisclosure\/2023\/Oct\/24", - "source": "security@huntr.dev", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/vim\/vim\/commit\/e1dc9a627536304bc4f738c21e909ad9fcf3974c", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/1ce1fd8c-050a-4373-8004-b35b61590217", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Patch", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213984", - "source": "security@huntr.dev", - "tags": [ - "Release Notes", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4750", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-04T14:15:08.263", - "lastModified": "2024-02-01T18:01:58.257", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Use After Free in GitHub repository vim\/vim prior to 9.0.1857." - }, - { - "lang": "es", - "value": "Use After Free en el repositorio de GitHub vim\/vim anterior a 9.0.1857." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security@huntr.dev", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.0.1857", - "matchCriteriaId": "ED821385-90E6-453E-8835-0084B386F287" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "14.1", - "matchCriteriaId": "2BB2BFC1-74A1-4178-8488-69EC5A60B34F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/seclists.org\/fulldisclosure\/2023\/Oct\/24", - "source": "security@huntr.dev", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/vim\/vim\/commit\/fc68299d436cf87453e432daa77b6d545df4d7ed", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Patch", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213984", - "source": "security@huntr.dev", - "tags": [ - "Release Notes", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4752", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-04T14:15:08.450", - "lastModified": "2024-02-01T17:59:00.997", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Use After Free in GitHub repository vim\/vim prior to 9.0.1858." - }, - { - "lang": "es", - "value": "Use After Free en el repositorio de GitHub vim\/vim anterior a 9.0.1858." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security@huntr.dev", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.0.1858", - "matchCriteriaId": "A246BFA3-E48C-41A4-8E2A-EA83DE37B499" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", - "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "14.1", - "matchCriteriaId": "2BB2BFC1-74A1-4178-8488-69EC5A60B34F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/seclists.org\/fulldisclosure\/2023\/Oct\/24", - "source": "security@huntr.dev", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/vim\/vim\/commit\/ee9166eb3b41846661a39b662dc7ebe8b5e15139", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/85f62dd7-ed84-4fa2-b265-8a369a318757", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/09\/msg00035.html", - "source": "security@huntr.dev", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ\/", - "source": "security@huntr.dev", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213984", - "source": "security@huntr.dev", - "tags": [ - "Release Notes", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4755", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-04T14:15:08.593", - "lastModified": "2023-09-06T20:43:56.003", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Use After Free in GitHub repository gpac\/gpac prior to 2.3-DEV." - }, - { - "lang": "es", - "value": "Use After Free en el repositorio de GitHub gpac\/gpac anterior a la versión 2.3-DEV. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "security@huntr.dev", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.3", - "matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/gpac\/gpac\/commit\/895ac12da168435eb8db3f96978ffa4c69d66c3a", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/463474b7-a4e8-42b6-8b30-e648a77ee6b3", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28072", - "sourceIdentifier": "security_alert@emc.com", - "published": "2023-09-04T16:15:07.767", - "lastModified": "2023-09-08T13:58:40.990", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nDell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.\n\n" - }, - { - "lang": "es", - "value": "El centro de comandos Dell Alienware, versiones anteriores a 5.5.51.0,contienen una vulnerabilidad de Deserialización de Datos no Confiables. Un usuario local malintencionado podría enviar solicitudes especialmente diseñadas al servidor remoto .NET para ejecutar código arbitrario en el sistema." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "security_alert@emc.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security_alert@emc.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*", - "versionEndExcluding": "5.5.51.0", - "matchCriteriaId": "3199E72C-25B2-4AE1-895F-8A1AE003197D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.dell.com\/support\/kbdoc\/en-in\/000212982\/dsa-2023-158", - "source": "security_alert@emc.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4758", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-04T16:15:08.143", - "lastModified": "2023-09-06T20:43:43.440", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Buffer Over-read in GitHub repository gpac\/gpac prior to 2.3-DEV." - }, - { - "lang": "es", - "value": "Se ha encontrado una lectura excesiva del búfer en el repositorio de GitHub gpac\/gpac anterior a la versión 2.3-DEV. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 3.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "security@huntr.dev", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-126" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.3", - "matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/gpac\/gpac\/commit\/193633b1648582444fc99776cd741d7ba0125e86", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/2f496261-1090-45ac-bc89-cc93c82090d6", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40015", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-04T18:15:07.880", - "lastModified": "2023-09-08T13:58:23.860", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. `unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or (deprecated), bitwise_and (deprecated), bitwise_xor (deprecated), raw_call, <, >, <=, >=, ==, !=, in, not in (when lhs and rhs are enums)`. This behaviour becomes a problem when the evaluation of one of the arguments produces side effects that other arguments depend on. The following expressions can produce side-effect: state modifying external call , state modifying internal call, `raw_call`, `pop()` when used on a Dynamic Array stored in the storage, `create_minimal_proxy_to`, `create_copy_of`, `create_from_blueprint`. This issue has not yet been patched. Users are advised to make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects." - }, - { - "lang": "es", - "value": "Vyper es un Lenguaje de Contratos Inteligentes de Python. Para la siguiente lista de expresiones (probablemente no exhaustiva), el compilador evalúa los argumentos de derecha a izquierda en lugar de izquierda a derecha. \"unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or (deprecated), bitwise_and (deprecated), bitwise_xor (deprecated), raw_call, <, >, <=, >=, ==, !=, in, not in (cuando lhs y rhs son enums)\". Este comportamiento se convierte en un problema cuando la evaluación de uno de los argumentos produce efectos secundarios de los que dependen otros argumentos. Las siguientes expresiones pueden producir efectos secundarios: llamada externa que modifica el estado, llamada interna que modifica el estado, \"raw_call\", \"pop()\" cuando se utiliza un array dinámico almacenado en el almacenamiento, \"create_minimal_proxy_to\", \"create_copy_of\" y \"create_from_blueprint\". Este problema aún no se ha solucionado. Se aconseja a los usuarios que se aseguren de que los argumentos de la expresión no producen efectos secundarios o, si alguno los produce, de que ningún otro argumento depende de esos efectos secundarios. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 3.7, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 2.2, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-670" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*", - "versionEndIncluding": "0.3.9", - "matchCriteriaId": "56FB25B4-6446-4B4B-87AA-D4368B4B8685" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/vyperlang\/vyper\/security\/advisories\/GHSA-g2xh-c426-v8mf", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41052", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-04T18:15:08.657", - "lastModified": "2023-09-08T14:08:27.387", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions `uint256_addmod`, `uint256_mulmod`, `ecadd` and `ecmul` does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side effects that other arguments depend on. A patch is currently being developed on pull request #3583. When using builtins from the list above, users should make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects." - }, - { - "lang": "es", - "value": "Vyper es un Lenguaje de Contrato Inteligente de Python. En las versiones afectadas, el orden de evaluación de los argumentos de las funciones integradas `uint256_addmod`, `uint256_mulmod`, `ecadd` and `ecmul` no sigue el orden de origen. Este comportamiento es problemático cuando la evaluación de uno de los argumentos produce efectos secundarios de los que dependen otros argumentos. Actualmente se está desarrollando un parche mediante la solicitud de extracción #3583. Al utilizar elementos integrados de la lista anterior, los usuarios deben asegurarse de que los argumentos de la expresión no produzcan efectos secundarios o, si los produce, que ningún otro argumento dependa de esos efectos secundarios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 3.7, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 2.2, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-670" - } - ] - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-670" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*", - "versionEndIncluding": "0.3.9", - "matchCriteriaId": "56FB25B4-6446-4B4B-87AA-D4368B4B8685" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/vyperlang\/vyper\/pull\/3583", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/vyperlang\/vyper\/security\/advisories\/GHSA-4hg4-9mf5-wxxq", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41054", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-04T18:15:08.977", - "lastModified": "2023-09-08T13:39:44.417", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the `image_proxy.php` file of LibreY before commit 8f9b9803f231e2954e5b49987a532d28fe50a627. This vulnerability allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS) attacks via the `url` parameter. Remote attackers can use the server as a proxy to send HTTP GET requests and retrieve information in the internal network. Remote attackers can also request the server to download large files or chain requests among multiple instances to reduce the performance of the server or even deny access from legitimate users. This issue has been addressed in https:\/\/github.com\/Ahwxorg\/LibreY\/pull\/31. LibreY hosters are advised to use the latest commit. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "LibreY es un fork de LibreX, un metabuscador sin framework y sin javascript que respeta la privacidad. LibreY está sujeto a una vulnerabilidad de Server-Side Request Forgery (SSRF) en el archivo \"image_proxy.php\" de LibreY antes del commit 8f9b9803f231e2954e5b49987a532d28fe50a627. Esta vulnerabilidad permite a atacantes remotos utilizar el servidor como proxy para enviar peticiones HTTP GET a objetivos arbitrarios y recuperar información en la red interna o realizar ataques de denegación de servicio (Dos) a través del parámetro \"url\". Los atacantes remotos pueden utilizar el servidor como proxy para enviar peticiones HTTP GET y recuperar información en la red interna. Los atacantes remotos también pueden solicitar al servidor que descargue archivos de gran tamaño o encadenar peticiones entre varias instancias para reducir el rendimiento del servidor o incluso denegar el acceso a usuarios legítimos. Este problema se ha solucionado en https:\/\/github.com\/Ahwxorg\/LibreY\/pull\/31. Se recomienda a los hosters de LibreY que utilicen el último commit. No se conocen soluciones para esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.2 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 8.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 4.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-918" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ahwx:librey:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2023-08-29", - "matchCriteriaId": "C2034F07-7024-4598-9E24-06506A1223D3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Ahwxorg\/LibreY\/pull\/31", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/Ahwxorg\/LibreY\/security\/advisories\/GHSA-p4f9-h8x8-mpwf", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41055", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-04T18:15:09.203", - "lastModified": "2023-09-08T14:09:38.550", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the `engines\/google\/text.php` and `engines\/duckduckgo\/text.php` files in versions before commit be59098abd119cda70b15bf3faac596dfd39a744. This vulnerability allows remote attackers to request the server to send HTTP GET requests to arbitrary targets and conduct Denial-of-Service (DoS) attacks via the `wikipedia_language` cookie. Remote attackers can request the server to download large files to reduce the performance of the server or even deny access from legitimate users. This issue has been patched in https:\/\/github.com\/Ahwxorg\/LibreY\/pull\/9. LibreY hosters are advised to use the latest commit. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "LibreY es un fork de LibreX, un metabuscador sin framework y sin javascript que respeta la privacidad. LibreY está sujeto a una vulnerabilidad de Server-Side Request Forgery (SSRF) en los archivos `engines\/google\/text.php` y `engines\/duckduckgo\/text.php` en versiones anteriores a be59098abd119cda70b15bf3faac596dfd39a744.Esta vulnerabilidad permite a atacantes remotos solicitar al servidor que envíe solicitudes HTTP GET a objetivos arbitrarios y realizar ataques de denegación de servicio (DoS) a través de la cookie `wikipedia_language.Los atacantes remotos pueden solicitar al servidor que descargue archivos grandes para reducir el rendimiento del servidor o incluso negar el acceso a usuarios legítimos. Este problema se solucionó en https:\/\/github.com\/Ahwxorg\/LibreY\/pull\/9. Se recomienda a los hosters de LibreY que utilicen el último commit. No se conocen soluciones para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-918" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ahwx:librey:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2023-08-17", - "matchCriteriaId": "C84208E2-25ED-4435-A72C-95619190D677" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Ahwxorg\/LibreY\/pull\/9", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/Ahwxorg\/LibreY\/security\/advisories\/GHSA-xfj6-4vp9-8rgc", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41057", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-04T18:15:09.397", - "lastModified": "2023-09-08T17:22:48.903", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "hyper-bump-it is a command line tool for updating the version in project files.`hyper-bump-it` reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched files should be contained within the project root directory, but that is not checked. This could result in changes being written to files outside of the project. The default behaviour of `hyper-bump-it` is to display the planned changes and prompt the user for confirmation before editing any files. However, the configuration file provides a field that can be used cause files to be edited without displaying the prompt. This issue has been fixed in release version 0.5.1. Users are advised to upgrade. Users that are unable to update from vulnerable versions, executing `hyper-bump-it` with the `--interactive` command line argument will ensure that all planned changes are displayed and prompt the user for confirmation before editing any files, even if the configuration file contains `show_confirm_prompt=true`.\n" - }, - { - "lang": "es", - "value": "hyper-bump-it es una herramienta de línea de comandos para actualizar la versión de los archivos del proyecto. Hyper-bump-it lee un patrón glob del archivo de configuración. Esto se combina con el directorio raíz del proyecto para construir un patrón glob completo que se utiliza para encontrar los archivos que deben ser editados. Estos archivos deben estar dentro del directorio raíz del proyecto, pero esto no se comprueba. Esto podría provocar que los cambios se escribieran en ficheros fuera del proyecto. El comportamiento por defecto de hyper-bump-it es mostrar los cambios planeados y pedir confirmación al usuario antes de editar cualquier fichero. Sin embargo, el fichero de configuración proporciona un campo que puede utilizarse para editar ficheros sin que aparezca la pregunta. Este problema se ha solucionado en la versión 0.5.1. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar desde versiones vulnerables, ejecutando hyper-bump-it con el argumento de línea de comandos \"--interactive\" se asegurarán de que se muestren todos los cambios planificados y pedirán confirmación al usuario antes de editar cualquier archivo, incluso si el archivo de configuración contiene \"show_confirm_prompt=true\". " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:plannigan:hyper_bump_it:*:*:*:*:*:python:*:*", - "versionEndExcluding": "0.5.1", - "matchCriteriaId": "69EA70AA-6E78-4DAD-9706-0DB5159CFA90" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/plannigan\/hyper-bump-it\/pull\/307", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/plannigan\/hyper-bump-it\/security\/advisories\/GHSA-xc27-f9q3-4448", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3995", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-04T20:15:07.387", - "lastModified": "2023-11-07T04:20:05.900", - "vulnStatus": "Rejected", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147." - } - ], - "metrics": {}, - "references": [] - } - }, - { - "cve": { - "id": "CVE-2023-41058", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-04T23:15:47.513", - "lastModified": "2023-09-08T17:17:55.097", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Parse Server is an open source backend server. In affected versions the Parse Cloud trigger `beforeFind` is not invoked in certain conditions of `Parse.Query`. This can pose a vulnerability for deployments where the `beforeFind` trigger is used as a security layer to modify the incoming query. The vulnerability has been fixed by refactoring the internal query pipeline for a more concise code structure and implementing a patch to ensure the `beforeFind` trigger is invoked. This fix was introduced in commit `be4c7e23c6` and has been included in releases 6.2.2 and 5.5.5. Users are advised to upgrade. Users unable to upgrade should make use of parse server's security layers to manage access levels with Class-Level Permissions and Object-Level Access Control that should be used instead of custom security layers in Cloud Code triggers." - }, - { - "lang": "es", - "value": "Parse Server es un servidor backend de código abierto. En las versiones afectadas, el disparador \"beforeFind\" de Parse Cloud no se invoca en determinadas condiciones de \"Parse.Query\". Esto puede suponer una vulnerabilidad para los despliegues en los que el disparador \"beforeFind\" se utiliza como capa de seguridad para modificar la consulta entrante. La vulnerabilidad se ha corregido mediante la refactorización de la canalización interna de consultas para conseguir una estructura de código más concisa y la aplicación de un parche para garantizar que se invoque el disparador \"beforeFind\". Esta corrección se introdujo en el commit \"be4c7e23c6\" y se ha incluido en las versiones 6.2.2 y 5.5.5. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizarse deberían utilizar las capas de seguridad del servidor de análisis sintáctico para gestionar los niveles de acceso con permisos de clase y control de acceso a nivel de objeto, que deberían utilizarse en lugar de las capas de seguridad personalizadas en los disparadores de Cloud Code. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-670" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:parseplatform:parse-server:*:*:*:*:*:node.js:*:*", - "versionEndExcluding": "5.5.5", - "matchCriteriaId": "B217E81D-A0EE-4E93-819E-277EF6C68C6D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:parseplatform:parse-server:*:*:*:*:*:node.js:*:*", - "versionStartIncluding": "6.0.0", - "versionEndExcluding": "6.2.2", - "matchCriteriaId": "7A41F53D-867D-4CC6-88F8-BED9FDD84524" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/docs.parseplatform.org\/parse-server\/guide\/#security", - "source": "security-advisories@github.com", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/github.com\/parse-community\/parse-server\/commit\/be4c7e23c63a2fb690685665cebed0de26be05c5", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/parse-community\/parse-server\/releases\/tag\/5.5.5", - "source": "security-advisories@github.com", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/github.com\/parse-community\/parse-server\/releases\/tag\/6.2.2", - "source": "security-advisories@github.com", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/github.com\/parse-community\/parse-server\/security\/advisories\/GHSA-fcv6-fg5r-jm9q", - "source": "security-advisories@github.com", - "tags": [ - "Mitigation", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-43903", - "sourceIdentifier": "psirt@us.ibm.com", - "published": "2023-09-05T00:15:07.347", - "lastModified": "2023-09-08T16:47:45.677", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894." - }, - { - "lang": "es", - "value": "IBM Security Guardium v10.6, v11.3 y v11.4 podría permitir a un usuario autenticado provocar una denegación de servicio debido a una validación de entrada incorrecta. IBM X-Force ID: 240894." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", - "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:security_guardium:10.6:*:*:*:*:*:*:*", - "matchCriteriaId": "B188D81F-4E29-46D9-8D41-9B02B9DB2E56" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:security_guardium:11.3:*:*:*:*:*:*:*", - "matchCriteriaId": "FBEB866D-1959-41C9-858F-24C05D20E332" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:security_guardium:11.4:*:*:*:*:*:*:*", - "matchCriteriaId": "B9329F08-2AA4-4126-9A7F-1EEBB25A6C1C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/240894", - "source": "psirt@us.ibm.com", - "tags": [ - "VDB Entry", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.ibm.com\/support\/pages\/node\/7030110", - "source": "psirt@us.ibm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32338", - "sourceIdentifier": "psirt@us.ibm.com", - "published": "2023-09-05T00:15:07.750", - "lastModified": "2023-09-08T16:53:07.857", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585." - }, - { - "lang": "es", - "value": "IBM Sterling Secure Proxy e IBM Sterling External Authentication Server v6.0.3 y v6.1.0 almacenan credenciales de usuario en texto claro que puede leer un usuario local con acceso al contenedor. IBM X-Force ID: 255585. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.4, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-522" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E139149B-2712-46EB-91A3-F06175FA83AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:sterling_external_authentication_server:6.1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "BE773BCF-7BDB-4801-9672-E31374473ECE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:sterling_secure_proxy:6.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8179D781-F2AC-4D9E-BF20-0B082C3B6C4F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:sterling_secure_proxy:6.1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E0B0F6B8-AA14-4594-87C5-168550B633F2" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/255585", - "source": "psirt@us.ibm.com", - "tags": [ - "VDB Entry", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/https:\/\/www.ibm.com\/support\/pages\/node\/7029765", - "source": "psirt@us.ibm.com", - "tags": [ - "Broken Link" - ] - }, - { - "url": "https:\/\/www.ibm.com\/support\/pages\/node\/7029765", - "source": "nvd@nist.gov", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.ibm.com\/support\/pages\/node\/7029766", - "source": "psirt@us.ibm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-35892", - "sourceIdentifier": "psirt@us.ibm.com", - "published": "2023-09-05T00:15:07.833", - "lastModified": "2023-09-08T16:58:43.020", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 258786." - }, - { - "lang": "es", - "value": "IBM Financial Transaction Manager for SWIFT Services v3.2.4 es vulnerable a un ataque de Inyección de Entidad Externa XML (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de memoria. ID de IBM X-Force: 258786." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.2 - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 4.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-611" - } - ] - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-611" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:3.2.4:*:*:*:*:swift_services:*:*", - "matchCriteriaId": "DD9A7D3A-B68C-49A6-AEB6-5509ED41E63E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/258786", - "source": "psirt@us.ibm.com", - "tags": [ - "VDB Entry", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.ibm.com\/support\/pages\/node\/7030359", - "source": "psirt@us.ibm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-22870", - "sourceIdentifier": "psirt@us.ibm.com", - "published": "2023-09-05T01:15:07.360", - "lastModified": "2023-09-08T17:03:25.623", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 244121." - }, - { - "lang": "es", - "value": "IBM Aspera Faspex v5.0.5 transmite información sensible en texto claro que podría ser obtenida por un atacante utilizando técnicas de \"man in the middle\". IBM X-Force ID: 244121." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.2, - "impactScore": 3.6 - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.2, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-319" - } - ] - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-319" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:aspera_faspex:*:*:*:*:*:*:*:*", - "versionEndIncluding": "5.0.5", - "matchCriteriaId": "E98E1987-F57F-48E0-B65E-3EA019915989" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", - "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/244121", - "source": "psirt@us.ibm.com", - "tags": [ - "VDB Entry", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.ibm.com\/support\/pages\/node\/7029681", - "source": "psirt@us.ibm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-29261", - "sourceIdentifier": "psirt@us.ibm.com", - "published": "2023-09-05T01:15:07.783", - "lastModified": "2023-09-08T17:10:21.577", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139." - }, - { - "lang": "es", - "value": "IBM Sterling Secure Proxy v6.0.3 y v6.1.0 podrían permitir a un usuario local con información específica sobre el sistema obtener información privilegiada debido a una limpieza inadecuada de la memoria durante las operaciones. ID de IBM X-Force: 252139. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.4, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-922" - } - ] - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-922" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E139149B-2712-46EB-91A3-F06175FA83AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:sterling_external_authentication_server:6.1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "BE773BCF-7BDB-4801-9672-E31374473ECE" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/252139", - "source": "psirt@us.ibm.com", - "tags": [ - "VDB Entry", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/https:\/\/www.ibm.com\/support\/pages\/node\/7029765", - "source": "psirt@us.ibm.com", - "tags": [ - "Broken Link" - ] - }, - { - "url": "https:\/\/www.ibm.com\/support\/pages\/node\/7029765", - "source": "nvd@nist.gov", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-35906", - "sourceIdentifier": "psirt@us.ibm.com", - "published": "2023-09-05T01:15:07.920", - "lastModified": "2023-09-08T17:50:02.527", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper access controls. IBM X-Force ID: 259649." - }, - { - "lang": "es", - "value": "IBM Aspera Faspex v5.0.5 podría permitir a un atacante remoto saltarse las restricciones de IP debido a controles de acceso inadecuados. ID de IBM X-Force: 259649. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-345" - } - ] - }, - { - "source": "psirt@us.ibm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-348" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", - "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ibm:aspera_faspex:*:*:*:*:*:*:*:*", - "versionEndIncluding": "5.0.5", - "matchCriteriaId": "E98E1987-F57F-48E0-B65E-3EA019915989" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/259649", - "source": "psirt@us.ibm.com", - "tags": [ - "VDB Entry", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.ibm.com\/support\/pages\/node\/7029681", - "source": "psirt@us.ibm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4636", - "sourceIdentifier": "security@wordfence.com", - "published": "2023-09-05T03:15:12.293", - "lastModified": "2023-11-07T04:22:48.493", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The WordPress File Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." - }, - { - "lang": "es", - "value": "El plugin WordPress File Sharing para WordPress es vulnerable a Cross-Site Scripting (XSS) almacenado a través de la configuración de administración en versiones hasta, e incluyendo, la 2.0.3 debido a la insuficiente sanitización de entrada y escape de salida. Esto hace posible que atacantes autenticados, con permisos de nivel de administrador y superiores, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. Esto solo afecta a las instalaciones multisitio y las instalaciones en las que se ha deshabilitado \"unfiltered_html\"." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.3, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:userprivatefiles:wordpress_file_sharing_plugin:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.0.3", - "matchCriteriaId": "CE9D43F7-D5C4-43CF-A2A9-36848384B70D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/xsn1210\/vul2\/blob\/main\/xss%5BWordPressFile%5D%20.md", - "source": "security@wordfence.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/plugins.trac.wordpress.org\/changeset\/2961909\/user-private-files", - "source": "security@wordfence.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/1df04293-87e9-4ab4-975d-54d36a993ab0?source=cve", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36308", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T04:15:08.703", - "lastModified": "2024-06-10T17:16:12.520", - "vulnStatus": "Modified", - "cveTags": [ - { - "sourceIdentifier": "cve@mitre.org", - "tags": [ - "disputed" - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "disintegration Imaging 1.6.2 allows attackers to cause a panic (because of an integer index out of range during a Grayscale call) via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence" - }, - { - "lang": "es", - "value": "disintegration Imaging 1.6.2 permite a los atacantes causar un modo pánico (debido a un índice entero fuera de rango durante una llamada Grayscale) a través del archivo TIFF a la función de escaneo de scanner.go. NOTA: no está claro si existen casos de uso comunes en los que este modo pánico podría tener alguna consecuencia de seguridad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:disintegration:imaging:1.6.2:*:*:*:*:go:*:*", - "matchCriteriaId": "585534FE-4333-40AD-BA0E-17DCFEDD1AD0" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/disintegration\/imaging\/issues\/165", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Issue Tracking", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/disintegration\/imaging\/releases\/tag\/v1.6.2", - "source": "cve@mitre.org", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce%40lists.fedoraproject.org\/message\/3GX2SYGRCNFUAGELLDOBIERCSCYSGKFY\/", - "source": "cve@mitre.org" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40936", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T04:15:09.200", - "lastModified": "2023-11-07T04:20:48.537", - "vulnStatus": "Rejected", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ], - "metrics": {}, - "references": [] - } - }, - { - "cve": { - "id": "CVE-2023-40937", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T04:15:09.260", - "lastModified": "2023-11-07T04:20:48.577", - "vulnStatus": "Rejected", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ], - "metrics": {}, - "references": [] - } - }, - { - "cve": { - "id": "CVE-2023-36307", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T05:15:07.983", - "lastModified": "2024-05-17T02:25:40.370", - "vulnStatus": "Modified", - "cveTags": [ - { - "sourceIdentifier": "cve@mitre.org", - "tags": [ - "disputed" - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "ZPLGFA 1.1.1 allows attackers to cause a panic (because of an integer index out of range during a ConvertToGraphicField call) via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence" - }, - { - "lang": "es", - "value": "** EN DISPUTA ** ZPLGFA v1.1.1 permite a los atacantes causar un modo pánico (debido a un índice entero fuera de rango durante una llamada \"ConvertToGraphicField\") a través de una imagen de anchura cero. NOTA: no está claro si existen casos de uso comunes en los que este modo pánico podría tener alguna consecuencia de seguridad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:simonwaldherr:zplgfa:1.1.1:*:*:*:*:go:*:*", - "matchCriteriaId": "C2766A90-9125-429D-942C-C6A1F1D6BB7E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/SimonWaldherr\/zplgfa\/pull\/6", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4748", - "sourceIdentifier": "cna@vuldb.com", - "published": "2023-09-05T06:15:07.760", - "lastModified": "2024-05-17T02:31:46.407", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238637 was assigned to this vulnerability." - }, - { - "lang": "es", - "value": "Una vulnerabilidad fue encontrada en Yongyou UFIDA-NC hasta 20230807. Este problema afecta un procesamiento desconocido del archivo PrintTemplateFileServlet.java. La manipulación del argumento filePath conduce a un path traversal. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse. A esta vulnerabilidad se le asignó el identificador VDB-238637" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "cna@vuldb.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.4 - } - ], - "cvssMetricV2": [ - { - "source": "cna@vuldb.com", - "type": "Secondary", - "cvssData": { - "version": "2.0", - "vectorString": "AV:N\/AC:L\/Au:S\/C:P\/I:P\/A:P", - "accessVector": "NETWORK", - "accessComplexity": "LOW", - "authentication": "SINGLE", - "confidentialityImpact": "PARTIAL", - "integrityImpact": "PARTIAL", - "availabilityImpact": "PARTIAL", - "baseScore": 6.5 - }, - "baseSeverity": "MEDIUM", - "exploitabilityScore": 8.0, - "impactScore": 6.4, - "acInsufInfo": false, - "obtainAllPrivilege": false, - "obtainUserPrivilege": false, - "obtainOtherPrivilege": false, - "userInteractionRequired": false - } - ] - }, - "weaknesses": [ - { - "source": "cna@vuldb.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:yonyou:ufida-nc:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C3F6A2D-7994-4A30-9FB4-F02E0FC469CF" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/houseoforange\/mybugs\/blob\/main\/Yongyou-UFIDA-NC-Arbitrary-File-Read.pdf", - "source": "cna@vuldb.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/vuldb.com\/?ctiid.238637", - "source": "cna@vuldb.com", - "tags": [ - "Permissions Required", - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https:\/\/vuldb.com\/?id.238637", - "source": "cna@vuldb.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-33220", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:11.847", - "lastModified": "2024-04-12T17:16:00.713", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Information disclosure in Automotive multimedia due to buffer over-read." - }, - { - "lang": "es", - "value": "Divulgación de información en Automotive multimedia debido a sobrelectura del búfer." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 4.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-126" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B991D515-9072-488F-B338-D7776C70FB62" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F65BF0A-CC8F-4A4B-9FD4-7FC7066424F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16EB11D8-27A3-4D04-B863-7FD4549D0BCD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FFC44DC-DA90-45F5-ACC1-5262D3E3A796" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9D9A56-2157-43F0-BB18-2B7249D7E021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-33275", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:11.983", - "lastModified": "2024-04-12T17:16:19.573", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range." - }, - { - "lang": "es", - "value": "Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe \"lm_itemNum\" estando fuera de rango." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.5, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:315_5g_iot_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AC9E0F8-6E27-4F6B-A667-786272632A24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A85141A5-667F-41BB-B84D-908E73A86759" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8EE21BA-7178-4D69-852D-2322844FC6B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9BACB28-F6EA-445A-B74F-0C3881FE59CB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A3CF46D-E1CB-447E-8371-15C3F49B1AA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B74FDAF1-82D0-4136-BF97-25C56FCEE77C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A07C2049-B227-4849-85D0-B53D690C7697" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88D2DB07-B72B-4D44-A373-0C7EAB35F388" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C41266FF-5555-4522-AD55-6A7CF8BA33D5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9E9C428C-7470-4178-9029-3234086D93F1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04EA12D4-24E2-4FE9-8CD6-06A8E36DEB2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2AED978B-0330-4B9B-B662-AA8E9E621996" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD36089F-92DF-49EC-9C6F-4300E4903CB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D19A754C-6900-4436-916D-F5361E0BC324" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C241123-63B1-4CA2-A3CB-BADA86EAAA2E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66E4B95D-966A-4940-A403-9E8241F121C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68309F58-91D9-407E-9578-17EAF6836E07" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6CA3E5-7A0F-4705-985E-0C25DE609494" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC770BF-4B23-4F43-A0B9-E5FE41536F5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "84B4531C-9D90-4A9B-8724-1428372319C8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "497EC79B-0879-4FA2-A5B7-63EA54FC20A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9B58B4E-86B7-4EB2-B78A-5E35FBA4A4FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:pmp8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF03806-39CD-4B54-BA5C-D1C808E46621" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4012FC-F0D9-41DE-BC2A-FBDD1B212540" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B16C4C53-F8BA-48D2-A7EE-90A06499722D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4730B8E7-C884-4AFA-ACB5-D0F39A993D18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98CB565F-FE4A-4B52-96CB-AA769E985230" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6102_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C37D96A3-0466-4FC4-9E56-35B55C3FA970" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6102:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D55BAB4-2AC5-419C-B405-C1AA022DAA24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6300827E-F6F0-490B-8043-38DD415E3161" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58F6B4C5-2C26-4A13-BA10-5B70805AD8B6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9001_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E02C2FD8-3434-4407-99E3-EE1779C18117" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9001:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC3468C1-CF50-4ED2-BD91-D1D140653CFC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9002_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6694BAC2-6E3B-4589-8BEA-6B5219267D19" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9002:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF54E749-D512-45DE-841D-6199623C7099" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9003_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6128C715-8085-47A8-9EE3-F8C67FC1236B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9003:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73B9F6F0-2F3A-4A4E-91A1-39EE598E22A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CDDD37F-4C3A-4955-9AFB-7774021A0198" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D13E375-0562-4263-8452-53E117F14E83" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89A1AAD0-9336-4657-8E1E-74E8F490C06E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165:-:*:*:*:*:*:*:*", - "matchCriteriaId": "386F2F37-974B-40F2-9B23-ABD49C60E32D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A38C0AFD-D666-423C-8903-BB026965D97C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59DBE92C-D428-4952-B94F-B46B3A627DFD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq5053-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35953900-1F81-49B4-B2F4-A0FEEF0E4F08" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq5053-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "21E3FCA2-6CD3-4C63-9EFB-783FEF08D170" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117FAAF8-4E79-4BA8-BF6B-4572C114890F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "233283A4-193F-430A-8019-EE1B83668E36" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4250-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8615FCF8-2AEB-4820-A0F8-DFCE50DFB465" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4250-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "977DF595-DA7A-48E0-BD7D-2CD89F63D037" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0D4BDA33-248D-4040-B07D-2A9D80C64709" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0DB9382-CF2F-4690-ABCA-145CDA12F4AC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4350-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86F03E3C-CDEE-46AF-9CD6-4C58BAA4514E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4350-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "887B369C-4398-4D8F-A95A-B9A8E9B1C1B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "24D7B67C-6FEC-48F8-9D46-778E4528BC20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "05006807-D961-446C-B8DC-C87507F1316E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE08D23A-2D0D-4472-8847-27B955F55165" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ABF96A66-FECF-4D2F-94C5-7BFC746789E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28638583-F98D-4B88-AF50-A10642D6A105" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6150-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "559BBC7F-CF94-4524-AF8A-172013131EED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6150-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "21BE75B1-0CB5-44DD-920E-B09B1A122C78" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6225_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC2668D5-623D-4E13-AF37-6F7040A14007" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6225:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72B0F4C7-CA0F-4B9C-A6AA-60934B2AB2C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6225-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E089DC83-3849-4671-95B9-E4C958EC79FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6225-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E38F8F04-F841-492B-A555-96DBD7461380" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80E5A7CE-9356-4E00-8458-52C60CB34753" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "571CC514-7B65-4769-9921-149ABFF2FE74" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "737807F6-F62C-4EC5-903A-0BA996834164" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B79990C-AAD2-4A91-A806-E449838054BA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "055E464C-C63A-455E-97B0-0D8A266A428F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "527A0A00-0C6C-4937-87A3-00668CF7BACB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7150-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E66B0335-F592-4670-8E7D-7952396B88CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7150-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FA9B931-E55A-4717-A700-C3717B681824" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7150-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DB73734-92EE-4123-8D02-C7D0CE3029C1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7150-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F4D107A6-3120-4B08-B34C-A8C180474DDB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7150-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA93759-49DD-4E86-93C7-AACC9F9E9346" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7150-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D072F051-A8C8-488A-971A-6A5A705837BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A96C773B-B228-4A39-8CAE-AEA0EE6E5699" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "898FE463-291B-4C89-BEC5-8B99EA18CF23" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6809F530-FA3C-455E-AF16-41F57AC3F5D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "464E833D-9FCA-4407-88A2-EDE7D4FAEA28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "437D618B-FE47-4DF6-9174-B1335501862D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4616FA92-3DB7-4ABC-A804-92B9FC7D57AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A51EAC73-7C74-4ABC-A964-8FE2CCB1C930" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DF142AB-6BB0-43BE-B2F1-679A4BD123D5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7225_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34E2940C-5D85-4D05-A1B1-41E20DF01626" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7225:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CAD2B248-B205-4D7A-B03B-9AC3CEFF8760" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325-ae_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "973C7278-EA56-425A-933E-30906763A978" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325-ae:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02698564-E791-4057-A4CB-E22075B76E1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7350-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14FD6D80-8DC4-4E6D-A492-537413DA1D56" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7350-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AFADAF33-D40E-4686-A028-84ADCE43DC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4C78936-5B8A-440F-A083-01AB6089209F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "367B4E71-1390-4C89-9495-A30138B36667" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc7180-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C4AF477-933A-4BD5-9713-349DF5721D56" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc7180-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D5D11A-DEFD-44A9-AA13-6D048D95825D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc7180-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "145000B1-5D57-4654-BEC5-0F1B6369AE0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc7180-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50BCE5F1-EA5C-47FD-BF43-FF85D33EA847" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_compute_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4A050CA-8514-400A-A6B3-F513CC93CA14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3_compute:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD850305-1E76-4952-A3FB-F6229CBF7FE9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8475_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73CB0B0B-8448-4961-85A3-BC32A8567A21" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E626A19A-DBE3-4DE9-90DA-FA3F883FF3CF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9286B1E8-E39F-4DAA-8969-311CA2A0A8AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19B9AE36-87A9-4EE7-87C8-CCA2DCF51039" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8150-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC335397-8340-4DD4-B8D1-9AB6E9911F85" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8150-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CB6CF9F9-8EEE-49AD-B17D-60470F2F9D57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC730C6-FB32-4566-AAE2-B2B261BA9411" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A432773-467F-492C-AA3A-ADF08A21FB3F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8250-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2723E7F4-1381-4542-83BA-E65728F6CA5B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8250-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "918F0BEB-A38E-4801-ADE2-280D26F9A87C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8250-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "056F1BD3-A44D-4876-86DA-1B864C60DAE7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8250-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F2C602C-8D7C-4B3D-BC49-B5C36DFA8B63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4B0798E6-68B1-4C0E-BF5B-5BC8033351A5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E70D909-40D1-4B66-AEA3-034F2C53FB0F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8350-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D77AA64D-A9B5-473F-98FC-E5859142881D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8350-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "066C3D8A-DC4C-415C-AFC1-0400325B0B10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD602832-D779-4A1E-9CE6-5E720FB1C509" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E162204-0481-4508-96A0-BCD8D9954E46" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-bb_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30FD02EE-E958-4189-AF2C-1691DABA7810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-bb:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C28135D-DA47-4815-9240-EEEE4D42A101" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C1AB7D4-FB11-4020-A4A0-8F40D98C07F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB6053F0-5E34-458A-B084-078E4D4F4021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69D1567F-D669-4415-9A08-110221EFA6BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF808C56-AD46-4351-9A46-6A2B6AAAB5BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F74BF53E-DFA1-4750-A638-FE7572B79D16" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "226D1ABD-E4AD-487E-88EB-4C66D51DB33D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A129620-8241-4A47-AAC8-CC7E10A09C9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CEDD78E-124C-4216-9B57-3B7B53463659" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF9740EB-F82E-42EA-993E-A393B05CC6BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "022A5532-03F7-4FB8-BA0D-4221178C9486" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-40524", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.073", - "lastModified": "2024-04-12T17:16:35.367", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service." - }, - { - "lang": "es", - "value": "Corrupción de la memoria debido a una lectura excesiva del búfer en Modem mientras se procesa el servicio RTP SetNativeHandle." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-126" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-40534", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.157", - "lastModified": "2024-04-12T17:16:38.813", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption due to improper validation of array index in Audio." - }, - { - "lang": "es", - "value": "Corrupción de memoria debida a una validación incorrecta del índice de matriz en Audio. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.5, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A3CF46D-E1CB-447E-8371-15C3F49B1AA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B74FDAF1-82D0-4136-BF97-25C56FCEE77C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A07C2049-B227-4849-85D0-B53D690C7697" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88D2DB07-B72B-4D44-A373-0C7EAB35F388" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C41266FF-5555-4522-AD55-6A7CF8BA33D5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9E9C428C-7470-4178-9029-3234086D93F1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04EA12D4-24E2-4FE9-8CD6-06A8E36DEB2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2AED978B-0330-4B9B-B662-AA8E9E621996" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21636", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.247", - "lastModified": "2024-04-12T17:16:44.023", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory Corruption due to improper validation of array index in Linux while updating adn record." - }, - { - "lang": "es", - "value": "orrupción de memoria debida a una validación incorrecta del índice de matriz en Linux mientras actualiza el registro adn." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02A2DB6A-7137-4D3D-9D6E-B9B0D0376758" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa515m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BE4F498-4C58-4DCC-B7D8-1B461177D083" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F9905-E0A9-43BD-819F-DCF577D02C4F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA522F2-6A5D-4B8D-8CA3-3394AEDC2E3A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "342B019D-CBE6-49C7-84F1-6E83C63F1891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1536231-1573-4385-9659-318C1B797E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "913796B0-E3FB-4654-89A8-ED72D45A8D4E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6616E0B9-B10F-483C-9B28-0A0557DC3372" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117FAAF8-4E79-4BA8-BF6B-4572C114890F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "233283A4-193F-430A-8019-EE1B83668E36" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21644", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.327", - "lastModified": "2024-04-12T17:16:45.833", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request." - }, - { - "lang": "es", - "value": "Corrupción de memoria en RIL debido a un desbordamiento de enteros al lanzar la petición \"qcril_uim_request_apdu request\"." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-190" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-680" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa515m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BE4F498-4C58-4DCC-B7D8-1B461177D083" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02A2DB6A-7137-4D3D-9D6E-B9B0D0376758" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F9905-E0A9-43BD-819F-DCF577D02C4F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA522F2-6A5D-4B8D-8CA3-3394AEDC2E3A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "342B019D-CBE6-49C7-84F1-6E83C63F1891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1536231-1573-4385-9659-318C1B797E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "913796B0-E3FB-4654-89A8-ED72D45A8D4E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6616E0B9-B10F-483C-9B28-0A0557DC3372" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117FAAF8-4E79-4BA8-BF6B-4572C114890F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "233283A4-193F-430A-8019-EE1B83668E36" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21646", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.410", - "lastModified": "2024-04-12T17:16:46.063", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in Modem while processing invalid System Information Block 1." - }, - { - "lang": "es", - "value": "Un ataque de denegación de servicios (DOS) transitorio en Modem cuando se procesa información inválida del sistema Block 1." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-617" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-617" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcx315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D439DCCE-57AB-4C87-9C91-517A81341825" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcx315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA6C1487-0206-46BF-BF5D-21752F4262EA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02A2DB6A-7137-4D3D-9D6E-B9B0D0376758" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa515m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BE4F498-4C58-4DCC-B7D8-1B461177D083" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A38C0AFD-D666-423C-8903-BB026965D97C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59DBE92C-D428-4952-B94F-B46B3A627DFD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F9905-E0A9-43BD-819F-DCF577D02C4F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA522F2-6A5D-4B8D-8CA3-3394AEDC2E3A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7EFE86D-A9B6-462C-BAD7-16E366A62344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C1558857-DC78-4F88-9DB1-7474DD341D80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "342B019D-CBE6-49C7-84F1-6E83C63F1891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1536231-1573-4385-9659-318C1B797E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C27A1EE0-EACE-4516-8423-A404E007DEC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF1560D8-14F6-4FD8-B83A-2023BB792065" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "40CAEB7F-1E1A-43CC-8663-171108DA27D0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE196A0-AB55-4A5B-A1D6-630706310163" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E170AD8-2723-42AA-9350-344874C4AC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13D505D9-E00B-4934-AD85-E5EA2921FD50" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13286F2B-0FD1-474A-A632-1AA19B110536" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6EA3F98-0F45-44D3-9305-4F548B437011" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D52BC3A-6822-43B9-8CEA-2659481A9BA0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd780g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC954854-0407-402B-8013-FAF53F1F5DC7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B991D515-9072-488F-B338-D7776C70FB62" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F65BF0A-CC8F-4A4B-9FD4-7FC7066424F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "223C2F4C-874E-4A44-9CCE-21CD8466F3B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx65:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39F6935C-DA92-4B1E-B5D3-C9489D520AE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D63AC620-8D09-4444-9D89-44A1A23E891C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx70m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C6D0EC-44E5-4D87-AD5F-96C366EDCF1E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117FAAF8-4E79-4BA8-BF6B-4572C114890F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "233283A4-193F-430A-8019-EE1B83668E36" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8EE21BA-7178-4D69-852D-2322844FC6B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9BACB28-F6EA-445A-B74F-0C3881FE59CB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16EB11D8-27A3-4D04-B863-7FD4549D0BCD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FFC44DC-DA90-45F5-ACC1-5262D3E3A796" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9D9A56-2157-43F0-BB18-2B7249D7E021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21653", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.490", - "lastModified": "2024-04-12T17:16:47.867", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in Modem while processing RRC reconfiguration message." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Denegación de Servicios (DoS) transitorio en Modem durante el procesamiento del mensaje de reconfiguración RRC. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-617" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-617" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "223C2F4C-874E-4A44-9CCE-21CD8466F3B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx65:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39F6935C-DA92-4B1E-B5D3-C9489D520AE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D63AC620-8D09-4444-9D89-44A1A23E891C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx70m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C6D0EC-44E5-4D87-AD5F-96C366EDCF1E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21654", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.570", - "lastModified": "2024-04-12T17:16:48.010", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in Audio during playback session with audio effects enabled." - }, - { - "lang": "es", - "value": "Corrupción de la memoria en audio durante la sesión de reproducción con efectos de audio habilitados." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-119" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B1F31FFB-982A-4308-82F8-C2480DABDED8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD17C0A3-A200-4659-968B-B2DA03CB683F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EB171B1-D163-4801-A241-8DD7193A5DCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E2F2D26-2833-45A4-81F0-8E9F338C1E13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6BD8A1C-D9AB-4BE7-A855-31E58631879C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADC6FBEE-D2FA-4660-A078-D6CE2097653D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa415m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4387DBE-67F7-4E95-A2B0-828211EBDC22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa415m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC798E06-0A2E-4DAD-81D1-9B2FAE6327C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6616E0B9-B10F-483C-9B28-0A0557DC3372" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "913796B0-E3FB-4654-89A8-ED72D45A8D4E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21655", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.697", - "lastModified": "2024-04-12T17:16:48.177", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in Audio while validating and mapping metadata." - }, - { - "lang": "es", - "value": "Corrupción de memoria en Audio durante la validación y asignación de metadatos. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-190" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-190" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B991D515-9072-488F-B338-D7776C70FB62" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F65BF0A-CC8F-4A4B-9FD4-7FC7066424F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "913796B0-E3FB-4654-89A8-ED72D45A8D4E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6616E0B9-B10F-483C-9B28-0A0557DC3372" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16EB11D8-27A3-4D04-B863-7FD4549D0BCD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FFC44DC-DA90-45F5-ACC1-5262D3E3A796" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9D9A56-2157-43F0-BB18-2B7249D7E021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21662", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.780", - "lastModified": "2024-04-12T17:16:49.860", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in Core Platform while printing the response buffer in log." - }, - { - "lang": "es", - "value": "Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0EF47C0-45AA-4B1C-B9E8-A83E5D9938F9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fsm10056:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A78E2A04-CD5D-4963-A45D-B111DD5E0B44" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C84001E-B14B-4657-85E1-60FB0AD388AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E84640A-6848-4C76-96FC-EA349801D440" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00FE294D-4BE0-4436-9273-507E760884EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424CB795-58E5-43A4-A2EC-C563D93C5E72" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2EEFADBF-D751-499B-80E5-C1069E129F18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D327FBA1-69B5-467B-9B1B-A0380994D21B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "487E7EA3-CE9C-4DB9-97D9-A74406C8BC9B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "644A4FF4-1494-480B-BDBA-22CC13C4E8EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89A1AAD0-9336-4657-8E1E-74E8F490C06E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165:-:*:*:*:*:*:*:*", - "matchCriteriaId": "386F2F37-974B-40F2-9B23-ABD49C60E32D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8D28764-EF4F-4FB3-B936-B42397450EFD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7964A762-467B-47D7-865F-30D48A0AE47C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FE8B62D-83B4-4326-8A53-FED5947D5FFE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6F8899-136A-4A57-9F02-BD428E1663DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2A8AB7C-5D34-4794-8C06-2193075B323F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_gen2_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AB0A573-CFAF-4DC3-9189-DD6289104F26" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx_gen2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43B95761-5932-4D49-9E64-9FA89C6064D2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_gen3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF04B5E4-D051-4471-886D-4155ED390D7A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx_gen3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1C1B8D95-58C8-4259-9B70-C9A9391FBF47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37279B9A-6074-455A-80E2-80EFC0DD535B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC637743-D088-48A2-A0F8-829776DD3065" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C27A1EE0-EACE-4516-8423-A404E007DEC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF1560D8-14F6-4FD8-B83A-2023BB792065" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "40CAEB7F-1E1A-43CC-8663-171108DA27D0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE196A0-AB55-4A5B-A1D6-630706310163" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E170AD8-2723-42AA-9350-344874C4AC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13D505D9-E00B-4934-AD85-E5EA2921FD50" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13286F2B-0FD1-474A-A632-1AA19B110536" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6EA3F98-0F45-44D3-9305-4F548B437011" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D52BC3A-6822-43B9-8CEA-2659481A9BA0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd780g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC954854-0407-402B-8013-FAF53F1F5DC7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB222869-9CDB-43B1-8947-954C8C8520B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "306DAB18-F737-47DE-A47D-C39F1B25D515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B1CA3237-5F9A-4490-A66B-853BE9310028" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8F3601C-A801-4EBD-BDCC-2B84898DFBEA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B991D515-9072-488F-B338-D7776C70FB62" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F65BF0A-CC8F-4A4B-9FD4-7FC7066424F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9BE864E-7B1E-44D5-A10A-60078095DE33" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96DD6B48-2554-464D-A061-DBB4B8E00758" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77FE5DEF-CB0F-459D-B5AA-9F45FE24AFD2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "657515D9-D609-4F76-9154-5ACC773A1C70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx57m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "18431C93-7497-4A2C-9B5A-B9E4C7F88B7D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx57m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0BF0FFBA-73EC-4615-98D2-BA62D67353DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "223C2F4C-874E-4A44-9CCE-21CD8466F3B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx65:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39F6935C-DA92-4B1E-B5D3-C9489D520AE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx65m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08C59BD9-8629-467F-9C1C-F2232C821DDB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx65m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E7510FC-E89C-4EE4-84AE-8002E48937D2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D63AC620-8D09-4444-9D89-44A1A23E891C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx70m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C6D0EC-44E5-4D87-AD5F-96C366EDCF1E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8EE21BA-7178-4D69-852D-2322844FC6B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9BACB28-F6EA-445A-B74F-0C3881FE59CB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16EB11D8-27A3-4D04-B863-7FD4549D0BCD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FFC44DC-DA90-45F5-ACC1-5262D3E3A796" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9D9A56-2157-43F0-BB18-2B7249D7E021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21663", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.863", - "lastModified": "2024-04-12T17:16:50.320", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory Corruption while accessing metadata in Display." - }, - { - "lang": "es", - "value": "Corrupción de memoria al acceder a metadatos en Display. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-119" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B991D515-9072-488F-B338-D7776C70FB62" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F65BF0A-CC8F-4A4B-9FD4-7FC7066424F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "913796B0-E3FB-4654-89A8-ED72D45A8D4E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6616E0B9-B10F-483C-9B28-0A0557DC3372" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16EB11D8-27A3-4D04-B863-7FD4549D0BCD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FFC44DC-DA90-45F5-ACC1-5262D3E3A796" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9D9A56-2157-43F0-BB18-2B7249D7E021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21664", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:12.940", - "lastModified": "2024-04-12T17:16:50.480", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory Corruption in Core Platform while printing the response buffer in log." - }, - { - "lang": "es", - "value": "Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0EF47C0-45AA-4B1C-B9E8-A83E5D9938F9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fsm10056:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A78E2A04-CD5D-4963-A45D-B111DD5E0B44" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C84001E-B14B-4657-85E1-60FB0AD388AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E84640A-6848-4C76-96FC-EA349801D440" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00FE294D-4BE0-4436-9273-507E760884EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424CB795-58E5-43A4-A2EC-C563D93C5E72" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2EEFADBF-D751-499B-80E5-C1069E129F18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D327FBA1-69B5-467B-9B1B-A0380994D21B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "487E7EA3-CE9C-4DB9-97D9-A74406C8BC9B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "644A4FF4-1494-480B-BDBA-22CC13C4E8EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89A1AAD0-9336-4657-8E1E-74E8F490C06E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165:-:*:*:*:*:*:*:*", - "matchCriteriaId": "386F2F37-974B-40F2-9B23-ABD49C60E32D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8D28764-EF4F-4FB3-B936-B42397450EFD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7964A762-467B-47D7-865F-30D48A0AE47C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FE8B62D-83B4-4326-8A53-FED5947D5FFE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6F8899-136A-4A57-9F02-BD428E1663DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2A8AB7C-5D34-4794-8C06-2193075B323F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_gen2_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AB0A573-CFAF-4DC3-9189-DD6289104F26" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx_gen2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43B95761-5932-4D49-9E64-9FA89C6064D2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_gen3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF04B5E4-D051-4471-886D-4155ED390D7A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx_gen3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1C1B8D95-58C8-4259-9B70-C9A9391FBF47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37279B9A-6074-455A-80E2-80EFC0DD535B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC637743-D088-48A2-A0F8-829776DD3065" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C27A1EE0-EACE-4516-8423-A404E007DEC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF1560D8-14F6-4FD8-B83A-2023BB792065" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "40CAEB7F-1E1A-43CC-8663-171108DA27D0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE196A0-AB55-4A5B-A1D6-630706310163" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E170AD8-2723-42AA-9350-344874C4AC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13D505D9-E00B-4934-AD85-E5EA2921FD50" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13286F2B-0FD1-474A-A632-1AA19B110536" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6EA3F98-0F45-44D3-9305-4F548B437011" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D52BC3A-6822-43B9-8CEA-2659481A9BA0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd780g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC954854-0407-402B-8013-FAF53F1F5DC7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB222869-9CDB-43B1-8947-954C8C8520B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "306DAB18-F737-47DE-A47D-C39F1B25D515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B1CA3237-5F9A-4490-A66B-853BE9310028" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8F3601C-A801-4EBD-BDCC-2B84898DFBEA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B991D515-9072-488F-B338-D7776C70FB62" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F65BF0A-CC8F-4A4B-9FD4-7FC7066424F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9BE864E-7B1E-44D5-A10A-60078095DE33" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96DD6B48-2554-464D-A061-DBB4B8E00758" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77FE5DEF-CB0F-459D-B5AA-9F45FE24AFD2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "657515D9-D609-4F76-9154-5ACC773A1C70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx57m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "18431C93-7497-4A2C-9B5A-B9E4C7F88B7D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx57m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0BF0FFBA-73EC-4615-98D2-BA62D67353DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "223C2F4C-874E-4A44-9CCE-21CD8466F3B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx65:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39F6935C-DA92-4B1E-B5D3-C9489D520AE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx65m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08C59BD9-8629-467F-9C1C-F2232C821DDB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx65m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E7510FC-E89C-4EE4-84AE-8002E48937D2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx70m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D63AC620-8D09-4444-9D89-44A1A23E891C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx70m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C6D0EC-44E5-4D87-AD5F-96C366EDCF1E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8EE21BA-7178-4D69-852D-2322844FC6B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9BACB28-F6EA-445A-B74F-0C3881FE59CB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16EB11D8-27A3-4D04-B863-7FD4549D0BCD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FFC44DC-DA90-45F5-ACC1-5262D3E3A796" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9D9A56-2157-43F0-BB18-2B7249D7E021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-21667", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.020", - "lastModified": "2024-04-12T17:16:51.450", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard." - }, - { - "lang": "es", - "value": "Vulnerabilidad de denegación de servicios (DoS) transitorio en Bluetooth HOST al pasar el descriptor para validar el teclado BT de la lista negra. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-126" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58C4A954-9822-4B21-9221-C21031AD4180" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcc5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1614E0-A51C-47DA-BBE1-89BF538D396E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B726BE34-E18B-4A88-B8E6-778215FD419E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "585B794A-0674-418B-B45B-42EA97C40B9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A27D26F2-3D91-40DE-8ABA-8CB03F02D0A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41EE5CAD-014A-4623-A177-154A8D93E01F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3293739B-53D5-48C1-BC3A-FAA74D6C7954" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E650C510-037F-47DB-A486-EBF871C73278" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD031A8D-A48A-4363-8C00-C1FF5458D0FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64F5D7CA-6F31-4842-AC66-EB975C19C83D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "180EB150-C114-429D-941F-9B99CDA4F810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA62AF-3555-463A-8B51-76F07BF0B87E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C616C5-6480-4FE0-9A1C-08026CCB08D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E02BA-3A7E-4B13-A8D7-20FD0FAE3187" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16EB11D8-27A3-4D04-B863-7FD4549D0BCD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF9B5B84-3C57-4D3D-AFF0-958A19DE09E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn7851_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FFC44DC-DA90-45F5-ACC1-5262D3E3A796" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn7851:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE9D9A56-2157-43F0-BB18-2B7249D7E021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28538", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.113", - "lastModified": "2024-04-12T17:17:00.820", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region." - }, - { - "lang": "es", - "value": "Corrupción de la memoria en el producto WIN al invocar el controlador de actualización WinAcpi en la región UEFI.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.5, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-121" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD36089F-92DF-49EC-9C6F-4300E4903CB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D19A754C-6900-4436-916D-F5361E0BC324" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0EF47C0-45AA-4B1C-B9E8-A83E5D9938F9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fsm10056:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A78E2A04-CD5D-4963-A45D-B111DD5E0B44" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00FE294D-4BE0-4436-9273-507E760884EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424CB795-58E5-43A4-A2EC-C563D93C5E72" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "487E7EA3-CE9C-4DB9-97D9-A74406C8BC9B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "644A4FF4-1494-480B-BDBA-22CC13C4E8EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3190C4FD-36BE-46F4-AAD9-028105D7A39B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb3_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CE5E237-2F85-4EB3-BB8C-BA11D8F25C5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb5_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "32DBC0A1-B059-4143-B34E-072E58E9A0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb5_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EDC9F7D-F6D8-4526-BAB6-22875B40715F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8D28764-EF4F-4FB3-B936-B42397450EFD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7964A762-467B-47D7-865F-30D48A0AE47C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_gen2_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AB0A573-CFAF-4DC3-9189-DD6289104F26" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx_gen2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43B95761-5932-4D49-9E64-9FA89C6064D2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F9905-E0A9-43BD-819F-DCF577D02C4F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA522F2-6A5D-4B8D-8CA3-3394AEDC2E3A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A472AF-D0EE-4D75-9EFD-9F77FE30C8B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd665:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6AE7466-2094-4E1E-BF4C-D3C6A5F6223A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37279B9A-6074-455A-80E2-80EFC0DD535B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC637743-D088-48A2-A0F8-829776DD3065" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "831B1D9D-75E9-4D6E-9F9E-5D9BCA536075" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd680:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C941671F-CC92-407C-AD51-678479BE0E98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7EFE86D-A9B6-462C-BAD7-16E366A62344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C1558857-DC78-4F88-9DB1-7474DD341D80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "342B019D-CBE6-49C7-84F1-6E83C63F1891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1536231-1573-4385-9659-318C1B797E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd710_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E47636D0-81A4-4079-A2E6-42C707B5FF69" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd710:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68596AB6-BE63-4945-BEA0-9E6CA07B8F96" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd712_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "256C29B5-1F7E-4737-ABE9-133744179843" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd712:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F825B3F8-EBAA-454E-87BD-0ACB84630023" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "21237024-F9FE-4CE4-A536-B6D4D5EF5404" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd720g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2900D4DA-9DEA-4FDE-9C66-DD7F7AB88B94" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D74F875-F042-4F2A-8556-1FA875E7BA55" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd750g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38A29739-DC41-4DEB-8613-26DECA4B4013" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C27A1EE0-EACE-4516-8423-A404E007DEC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF1560D8-14F6-4FD8-B83A-2023BB792065" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "40CAEB7F-1E1A-43CC-8663-171108DA27D0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE196A0-AB55-4A5B-A1D6-630706310163" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E170AD8-2723-42AA-9350-344874C4AC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13D505D9-E00B-4934-AD85-E5EA2921FD50" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd7c_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5223B703-AA44-4B04-9ACC-1DD051383C7D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd7c:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A13D6267-1440-415A-A5FF-5A4156481F51" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB222869-9CDB-43B1-8947-954C8C8520B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "306DAB18-F737-47DE-A47D-C39F1B25D515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "577B18AC-9892-4373-AC0F-9FD477D64388" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF0EC2E-185F-40D4-AAE7-5F7ED76EC26F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_200_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9BAA26-7377-4D96-965C-1CD54FD487B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_200_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "306C7C27-1363-4FF6-AC71-BB8DB908D058" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_mobile_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "355080DC-FC83-45C1-AB1A-21533638C181" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850_mobile_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5167E425-3B5D-4F79-B6AF-599820BEB33E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C1AB7D4-FB11-4020-A4A0-8F40D98C07F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB6053F0-5E34-458A-B084-078E4D4F4021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69D1567F-D669-4415-9A08-110221EFA6BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF808C56-AD46-4351-9A46-6A2B6AAAB5BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1E1B7FD-39CD-42AB-A113-2AFB25B5F85B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C93EECE3-7A8A-4B58-A674-134040CE43FE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A129620-8241-4A47-AAC8-CC7E10A09C9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CEDD78E-124C-4216-9B57-3B7B53463659" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF9740EB-F82E-42EA-993E-A393B05CC6BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "022A5532-03F7-4FB8-BA0D-4221178C9486" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C57BEA9E-2DAD-47E5-9777-DF835C83FC89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "67E8D5A1-0C4F-4ADE-902E-1768F9C84EDA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1708266E-EB99-475A-AB48-B2ACEE5657EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FEBBF98A-40C2-4386-85C5-5B1D445CC846" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E685A5C-870C-41E9-91AA-7AA7535C4D85" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8F52FE7-2C9C-4908-A578-2230ED6A1505" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28543", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.197", - "lastModified": "2024-04-12T17:17:02.233", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source)." - }, - { - "lang": "es", - "value": "Un DLC malformado puede desencadenar una corrupción de memoria en la librería SNPE debido a una lectura fuera de los límites, por ejemplo, al cargar un modelo que no es de confianza (por ejemplo, desde una fuente remota)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "306DAB18-F737-47DE-A47D-C39F1B25D515" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB222869-9CDB-43B1-8947-954C8C8520B8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B703667D-DE09-40AF-BA44-E0E56252A790" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36F5A18B-8C9E-4A38-B994-E3E2696BB83D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28544", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.280", - "lastModified": "2024-04-12T17:17:02.397", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN al enviar comandos de transmisión desde HLOS a controladores UTF.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C241123-63B1-4CA2-A3CB-BADA86EAAA2E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66E4B95D-966A-4940-A403-9E8241F121C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68309F58-91D9-407E-9578-17EAF6836E07" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC770BF-4B23-4F43-A0B9-E5FE41536F5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6CA3E5-7A0F-4705-985E-0C25DE609494" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "497EC79B-0879-4FA2-A5B7-63EA54FC20A5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "84B4531C-9D90-4A9B-8724-1428372319C8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D4F8296-D8D0-42C6-AAD2-24DA0DB403D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EC7373-E5F3-4D2B-B727-CAEE772B74BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F81D132-B2DD-4D09-8561-21A2CFBCC9FA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F099A893-232B-48FB-81B3-F01AF2A19426" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9987_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77057B7D-E70A-4F74-A141-14B0DD798247" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9987:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0B7DFC6-5D6A-4B73-B5F8-6C2073E0EBE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0405CBFB-AD0E-45F8-ADDA-60D2BF7486C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08F4DD2E-C887-424C-B931-CBB9B402726E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A436BB-212C-4419-A0C7-03C0E04BD582" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AF4B33B-223D-45F5-8168-3D2232E11663" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3190C4FD-36BE-46F4-AAD9-028105D7A39B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb3_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CE5E237-2F85-4EB3-BB8C-BA11D8F25C5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57B0086F-5F2C-4F89-AC53-D8429D6506CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB8145C8-D978-4047-9203-602E854E7290" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2CCBF666-CB4E-44E1-9676-6891EDC73578" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C767AB6A-1A8C-406C-A600-96A816F44E2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BB1FC5E-CF6F-4E54-B78D-C01AFD034903" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA3F11F3-C9F4-460D-BD77-1BFBCC1F0592" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25673A10-D99C-4F67-BDA7-9C2E4A70EF9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50906EF2-01F7-4E97-9F49-F892DF41CB29" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B23A89FF-9C94-40C6-B9B7-3E8354777916" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "531A9325-790A-4D7E-BFF2-EB1808C719D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1AACB4E-70A7-43ED-953D-911D2450C946" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C558A35-E8E3-43CD-BAC5-C665875D3E60" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F23BF59-9FB7-49D6-846D-52263747E69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "873CD3BE-2098-4328-B350-A14453C44F1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE294B26-BBD0-455F-82B0-4605987B7DDC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE08D23A-2D0D-4472-8847-27B955F55165" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_665_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9151A7D-4A02-4EDD-830E-3408BBB2B0C3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_665_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73D551AC-1008-444B-8A69-CF8CE60942FF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9871C72-4B99-43E5-B389-EB26996B08DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "586E725A-B3F6-4C4D-AE46-0D76A0C0D91E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ABF96A66-FECF-4D2F-94C5-7BFC746789E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28638583-F98D-4B88-AF50-A10642D6A105" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1B3C6D8-F06D-48DE-9127-0E574578E501" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A933F383-717C-4D7B-836A-76042F55488F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D0ED00F-1345-43AD-83C6-E979890B84AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C28019-B57D-4487-B551-F7B53395C6E5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C174F07D-0E33-43FD-9BAD-6C6D8B51B6A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47311B68-A07F-448B-99D5-9C92C8127A81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A930E317-7F22-4605-A85F-144921EEBA0C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BAF50FDA-47FA-491B-BEAE-76CC38C18F52" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A9A2DA11-5E4E-4E36-923C-A2D3CC2F2751" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE7DFAD4-1D21-4A3A-9E8C-10F00AD7C403" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1FEAB1AE-53FE-4641-A2BB-4E1449A76E8C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E92D896-80E5-47C6-A752-F19F1CB8005D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_712_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9B4C948-7C2F-41E5-8111-9A17673E2787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_712_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2504D653-29C7-4F1F-991C-AA50A4E5E092" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6B6B409-33F8-49CA-9A09-3AA97DCBCE54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F34AF35-8A0B-4B90-8AE6-EC961B7FEC4B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BAE7612E-5C12-467E-95EC-90D0A984E086" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D76005A3-22FC-45C1-A01A-8640F030E6A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E454506E-21BE-4BC9-91B9-21DC2AEA63E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D06996C-0832-4406-9581-1327345E95B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0E3DAEC-1C6C-41D4-867D-A246C51A7F08" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4E25E7B-7391-479A-AE10-E593ADF7A5B1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A96C773B-B228-4A39-8CAE-AEA0EE6E5699" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "898FE463-291B-4C89-BEC5-8B99EA18CF23" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11ADEB65-9803-4036-AAB4-B85E430B626D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1C9940B4-672B-4D82-B904-80A3FC1DD4C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8FD2424-599C-4137-9BB0-378F34B7AB3C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD14F17B-FDC3-4B1B-9901-E40B783E77C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BABB84B3-C5BC-4AE9-AB6E-BA4BAF9FBECB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6037264-BF88-4BCA-9F5F-B5D30587D9A8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "75F10C87-25C4-40A5-9B7E-904C2258CB3C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B3644E-74B5-41BB-BA43-F3E588D152CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_gen_2_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF331899-4AA1-4D55-B494-4FA47BB97AE5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC68355A-3202-4317-9767-26AFDD321789" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835_mobile_pc_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B4837E0-EFF7-4546-918C-03551E03F6BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_mobile_pc_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81FC1C9D-D494-4426-93FF-A774D68554D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E289B26-AF53-442A-9740-2F44D1F59DA5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D56B0CD3-138D-4197-84D5-2887C8FA40D2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_mobile_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "355080DC-FC83-45C1-AB1A-21533638C181" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850_mobile_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5167E425-3B5D-4F79-B6AF-599820BEB33E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "532F3191-56DD-41C2-8FCC-D1B20D0E5624" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BF8CD16-C2A7-4C93-8693-0E74F3CD0809" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+860_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83BB4E6C-2D33-49A1-909F-B7BD7B0CFCDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+860_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F26F891B-8D25-47F3-BA02-FBB8A7160598" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69D1567F-D669-4415-9A08-110221EFA6BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF808C56-AD46-4351-9A46-6A2B6AAAB5BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1E1B7FD-39CD-42AB-A113-2AFB25B5F85B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C93EECE3-7A8A-4B58-A674-134040CE43FE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1708266E-EB99-475A-AB48-B2ACEE5657EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FEBBF98A-40C2-4386-85C5-5B1D445CC846" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E685A5C-870C-41E9-91AA-7AA7535C4D85" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8F52FE7-2C9C-4908-A578-2230ED6A1505" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28548", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.360", - "lastModified": "2024-04-12T17:17:03.130", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while processing Tx\/Rx commands from QDART." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL al procesar comandos Tx\/Rx desde QDART.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD36089F-92DF-49EC-9C6F-4300E4903CB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D19A754C-6900-4436-916D-F5361E0BC324" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C241123-63B1-4CA2-A3CB-BADA86EAAA2E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66E4B95D-966A-4940-A403-9E8241F121C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68309F58-91D9-407E-9578-17EAF6836E07" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6CA3E5-7A0F-4705-985E-0C25DE609494" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC770BF-4B23-4F43-A0B9-E5FE41536F5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "84B4531C-9D90-4A9B-8724-1428372319C8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "497EC79B-0879-4FA2-A5B7-63EA54FC20A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9B58B4E-86B7-4EB2-B78A-5E35FBA4A4FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:pmp8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF03806-39CD-4B54-BA5C-D1C808E46621" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4012FC-F0D9-41DE-BC2A-FBDD1B212540" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B16C4C53-F8BA-48D2-A7EE-90A06499722D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4730B8E7-C884-4AFA-ACB5-D0F39A993D18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98CB565F-FE4A-4B52-96CB-AA769E985230" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6102_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C37D96A3-0466-4FC4-9E56-35B55C3FA970" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6102:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D55BAB4-2AC5-419C-B405-C1AA022DAA24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6300827E-F6F0-490B-8043-38DD415E3161" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58F6B4C5-2C26-4A13-BA10-5B70805AD8B6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9001_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E02C2FD8-3434-4407-99E3-EE1779C18117" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9001:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC3468C1-CF50-4ED2-BD91-D1D140653CFC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9002_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6694BAC2-6E3B-4589-8BEA-6B5219267D19" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9002:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF54E749-D512-45DE-841D-6199623C7099" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9003_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6128C715-8085-47A8-9EE3-F8C67FC1236B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9003:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73B9F6F0-2F3A-4A4E-91A1-39EE598E22A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CDDD37F-4C3A-4955-9AFB-7774021A0198" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D13E375-0562-4263-8452-53E117F14E83" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb5_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "32DBC0A1-B059-4143-B34E-072E58E9A0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb5_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EDC9F7D-F6D8-4526-BAB6-22875B40715F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87ECCB82-B880-412D-A635-CA6F0B035F2B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424743C4-CE74-4A02-835A-023C9DA0CFAC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EA48BF-BD65-43B2-8DC1-D97F75AD6FE5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B86E317F-12BF-42F6-879B-88A85F7E3F81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4C68227-8928-41C4-A6B8-CD142C018AB6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38E60ED4-9FB7-481E-915B-B7576566E0BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "194A4BD4-0DDF-49E5-AA89-40A5BFB71933" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_782g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72FF9732-40D8-4C12-8259-BAA16FAB5A56" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_compute_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4A050CA-8514-400A-A6B3-F513CC93CA14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3_compute:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD850305-1E76-4952-A3FB-F6229CBF7FE9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB8FA32F-4690-4C5B-8968-474DA32FD0A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59BD8BEA-725A-4158-84BE-4AFD476ED03D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59CB6F2F-7C95-498B-9F9E-728930FD24A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "284E62AF-2E4D-4E82-AC9A-F27DA71735EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9F4285-1F09-40CD-B1AA-84B406FD6A71" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8623DD44-DFDD-442D-9789-11A527A450A4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22303AD4-779C-45A3-8F33-3864C45E4328" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EC440D-D420-4477-8F14-427245B80631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41446A77-6EF3-4570-BAD2-4C761A2C4E7F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "448C401B-EF07-4385-A7B4-123D7808F64F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22A78236-5965-4F65-9001-3FE7FF6D27E8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "414C5C1D-A5DA-47C7-B6C9-3564DD4DD911" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01CBD543-635C-4C57-87B7-55DD3BA3C1A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6A7272B6-AADB-4CCD-B041-66170C313C76" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7C155F86-467F-4B57-950E-12FAAB570B01" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71E06B94-9463-49A6-B816-E8A82BEA8545" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C1AB7D4-FB11-4020-A4A0-8F40D98C07F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB6053F0-5E34-458A-B084-078E4D4F4021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F74BF53E-DFA1-4750-A638-FE7572B79D16" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "226D1ABD-E4AD-487E-88EB-4C66D51DB33D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A129620-8241-4A47-AAC8-CC7E10A09C9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CEDD78E-124C-4216-9B57-3B7B53463659" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF9740EB-F82E-42EA-993E-A393B05CC6BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "022A5532-03F7-4FB8-BA0D-4221178C9486" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28549", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.437", - "lastModified": "2024-04-12T17:17:03.490", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL al analizar el búfer Rx en el procesamiento del payload TLV." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-119" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-119" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A85141A5-667F-41BB-B84D-908E73A86759" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:315_5g_iot_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AC9E0F8-6E27-4F6B-A667-786272632A24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD36089F-92DF-49EC-9C6F-4300E4903CB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D19A754C-6900-4436-916D-F5361E0BC324" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C241123-63B1-4CA2-A3CB-BADA86EAAA2E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66E4B95D-966A-4940-A403-9E8241F121C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68309F58-91D9-407E-9578-17EAF6836E07" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6CA3E5-7A0F-4705-985E-0C25DE609494" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC770BF-4B23-4F43-A0B9-E5FE41536F5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "84B4531C-9D90-4A9B-8724-1428372319C8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "497EC79B-0879-4FA2-A5B7-63EA54FC20A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9B58B4E-86B7-4EB2-B78A-5E35FBA4A4FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:pmp8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF03806-39CD-4B54-BA5C-D1C808E46621" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D4F8296-D8D0-42C6-AAD2-24DA0DB403D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EC7373-E5F3-4D2B-B727-CAEE772B74BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4012FC-F0D9-41DE-BC2A-FBDD1B212540" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B16C4C53-F8BA-48D2-A7EE-90A06499722D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F81D132-B2DD-4D09-8561-21A2CFBCC9FA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F099A893-232B-48FB-81B3-F01AF2A19426" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0405CBFB-AD0E-45F8-ADDA-60D2BF7486C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08F4DD2E-C887-424C-B931-CBB9B402726E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A436BB-212C-4419-A0C7-03C0E04BD582" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AF4B33B-223D-45F5-8168-3D2232E11663" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4730B8E7-C884-4AFA-ACB5-D0F39A993D18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98CB565F-FE4A-4B52-96CB-AA769E985230" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6102_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C37D96A3-0466-4FC4-9E56-35B55C3FA970" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6102:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D55BAB4-2AC5-419C-B405-C1AA022DAA24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6300827E-F6F0-490B-8043-38DD415E3161" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58F6B4C5-2C26-4A13-BA10-5B70805AD8B6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9001_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E02C2FD8-3434-4407-99E3-EE1779C18117" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9001:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC3468C1-CF50-4ED2-BD91-D1D140653CFC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9002_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6694BAC2-6E3B-4589-8BEA-6B5219267D19" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9002:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF54E749-D512-45DE-841D-6199623C7099" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9003_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6128C715-8085-47A8-9EE3-F8C67FC1236B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9003:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73B9F6F0-2F3A-4A4E-91A1-39EE598E22A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CDDD37F-4C3A-4955-9AFB-7774021A0198" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D13E375-0562-4263-8452-53E117F14E83" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb5_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "32DBC0A1-B059-4143-B34E-072E58E9A0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb5_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EDC9F7D-F6D8-4526-BAB6-22875B40715F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2CCBF666-CB4E-44E1-9676-6891EDC73578" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C767AB6A-1A8C-406C-A600-96A816F44E2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA3F11F3-C9F4-460D-BD77-1BFBCC1F0592" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25673A10-D99C-4F67-BDA7-9C2E4A70EF9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50906EF2-01F7-4E97-9F49-F892DF41CB29" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B23A89FF-9C94-40C6-B9B7-3E8354777916" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "531A9325-790A-4D7E-BFF2-EB1808C719D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1AACB4E-70A7-43ED-953D-911D2450C946" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C558A35-E8E3-43CD-BAC5-C665875D3E60" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F23BF59-9FB7-49D6-846D-52263747E69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "873CD3BE-2098-4328-B350-A14453C44F1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE294B26-BBD0-455F-82B0-4605987B7DDC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A930E317-7F22-4605-A85F-144921EEBA0C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BAF50FDA-47FA-491B-BEAE-76CC38C18F52" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A9A2DA11-5E4E-4E36-923C-A2D3CC2F2751" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE7DFAD4-1D21-4A3A-9E8C-10F00AD7C403" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A96C773B-B228-4A39-8CAE-AEA0EE6E5699" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "898FE463-291B-4C89-BEC5-8B99EA18CF23" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1C9940B4-672B-4D82-B904-80A3FC1DD4C2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11ADEB65-9803-4036-AAB4-B85E430B626D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD14F17B-FDC3-4B1B-9901-E40B783E77C6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8FD2424-599C-4137-9BB0-378F34B7AB3C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6037264-BF88-4BCA-9F5F-B5D30587D9A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BABB84B3-C5BC-4AE9-AB6E-BA4BAF9FBECB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87ECCB82-B880-412D-A635-CA6F0B035F2B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424743C4-CE74-4A02-835A-023C9DA0CFAC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EA48BF-BD65-43B2-8DC1-D97F75AD6FE5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B86E317F-12BF-42F6-879B-88A85F7E3F81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4C68227-8928-41C4-A6B8-CD142C018AB6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38E60ED4-9FB7-481E-915B-B7576566E0BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "194A4BD4-0DDF-49E5-AA89-40A5BFB71933" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_782g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72FF9732-40D8-4C12-8259-BAA16FAB5A56" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_compute_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4A050CA-8514-400A-A6B3-F513CC93CA14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3_compute:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD850305-1E76-4952-A3FB-F6229CBF7FE9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB8FA32F-4690-4C5B-8968-474DA32FD0A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59BD8BEA-725A-4158-84BE-4AFD476ED03D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59CB6F2F-7C95-498B-9F9E-728930FD24A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "284E62AF-2E4D-4E82-AC9A-F27DA71735EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_mobile_pc_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81FC1C9D-D494-4426-93FF-A774D68554D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835_mobile_pc_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B4837E0-EFF7-4546-918C-03551E03F6BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9F4285-1F09-40CD-B1AA-84B406FD6A71" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8623DD44-DFDD-442D-9789-11A527A450A4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22303AD4-779C-45A3-8F33-3864C45E4328" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EC440D-D420-4477-8F14-427245B80631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41446A77-6EF3-4570-BAD2-4C761A2C4E7F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "448C401B-EF07-4385-A7B4-123D7808F64F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22A78236-5965-4F65-9001-3FE7FF6D27E8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "414C5C1D-A5DA-47C7-B6C9-3564DD4DD911" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01CBD543-635C-4C57-87B7-55DD3BA3C1A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6A7272B6-AADB-4CCD-B041-66170C313C76" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_compute_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "699FC4D5-9B49-4EF7-86A1-ABCBA5576345" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3_compute_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B5C111E3-7167-4D92-A2DC-738C2ECE1814" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C1AB7D4-FB11-4020-A4A0-8F40D98C07F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB6053F0-5E34-458A-B084-078E4D4F4021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F74BF53E-DFA1-4750-A638-FE7572B79D16" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "226D1ABD-E4AD-487E-88EB-4C66D51DB33D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A129620-8241-4A47-AAC8-CC7E10A09C9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CEDD78E-124C-4216-9B57-3B7B53463659" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF9740EB-F82E-42EA-993E-A393B05CC6BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "022A5532-03F7-4FB8-BA0D-4221178C9486" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28557", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.517", - "lastModified": "2024-04-12T17:17:05.403", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL al procesar parámetros de comando de un payload WMI que no es de confianza." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A85141A5-667F-41BB-B84D-908E73A86759" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:315_5g_iot_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AC9E0F8-6E27-4F6B-A667-786272632A24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD36089F-92DF-49EC-9C6F-4300E4903CB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D19A754C-6900-4436-916D-F5361E0BC324" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C241123-63B1-4CA2-A3CB-BADA86EAAA2E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66E4B95D-966A-4940-A403-9E8241F121C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68309F58-91D9-407E-9578-17EAF6836E07" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6CA3E5-7A0F-4705-985E-0C25DE609494" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC770BF-4B23-4F43-A0B9-E5FE41536F5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "84B4531C-9D90-4A9B-8724-1428372319C8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "497EC79B-0879-4FA2-A5B7-63EA54FC20A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9B58B4E-86B7-4EB2-B78A-5E35FBA4A4FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:pmp8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF03806-39CD-4B54-BA5C-D1C808E46621" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4012FC-F0D9-41DE-BC2A-FBDD1B212540" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B16C4C53-F8BA-48D2-A7EE-90A06499722D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4730B8E7-C884-4AFA-ACB5-D0F39A993D18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98CB565F-FE4A-4B52-96CB-AA769E985230" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6102_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C37D96A3-0466-4FC4-9E56-35B55C3FA970" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6102:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D55BAB4-2AC5-419C-B405-C1AA022DAA24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6300827E-F6F0-490B-8043-38DD415E3161" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58F6B4C5-2C26-4A13-BA10-5B70805AD8B6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9001_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E02C2FD8-3434-4407-99E3-EE1779C18117" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9001:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC3468C1-CF50-4ED2-BD91-D1D140653CFC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9002_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6694BAC2-6E3B-4589-8BEA-6B5219267D19" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9002:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF54E749-D512-45DE-841D-6199623C7099" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9003_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6128C715-8085-47A8-9EE3-F8C67FC1236B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9003:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73B9F6F0-2F3A-4A4E-91A1-39EE598E22A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CDDD37F-4C3A-4955-9AFB-7774021A0198" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D13E375-0562-4263-8452-53E117F14E83" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3190C4FD-36BE-46F4-AAD9-028105D7A39B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb3_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CE5E237-2F85-4EB3-BB8C-BA11D8F25C5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb5_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "32DBC0A1-B059-4143-B34E-072E58E9A0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb5_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EDC9F7D-F6D8-4526-BAB6-22875B40715F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57B0086F-5F2C-4F89-AC53-D8429D6506CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB8145C8-D978-4047-9203-602E854E7290" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2CCBF666-CB4E-44E1-9676-6891EDC73578" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C767AB6A-1A8C-406C-A600-96A816F44E2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BB1FC5E-CF6F-4E54-B78D-C01AFD034903" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA3F11F3-C9F4-460D-BD77-1BFBCC1F0592" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25673A10-D99C-4F67-BDA7-9C2E4A70EF9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F4200EEB-629B-45C0-95AB-EB764BD76422" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85850040-DFF4-41D0-A949-CF8B139FEEF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1AACB4E-70A7-43ED-953D-911D2450C946" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "531A9325-790A-4D7E-BFF2-EB1808C719D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F23BF59-9FB7-49D6-846D-52263747E69F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C558A35-E8E3-43CD-BAC5-C665875D3E60" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "873CD3BE-2098-4328-B350-A14453C44F1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE294B26-BBD0-455F-82B0-4605987B7DDC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE08D23A-2D0D-4472-8847-27B955F55165" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_665_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9151A7D-4A02-4EDD-830E-3408BBB2B0C3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_665_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73D551AC-1008-444B-8A69-CF8CE60942FF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9871C72-4B99-43E5-B389-EB26996B08DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "586E725A-B3F6-4C4D-AE46-0D76A0C0D91E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ABF96A66-FECF-4D2F-94C5-7BFC746789E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28638583-F98D-4B88-AF50-A10642D6A105" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1B3C6D8-F06D-48DE-9127-0E574578E501" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A933F383-717C-4D7B-836A-76042F55488F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D0ED00F-1345-43AD-83C6-E979890B84AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C28019-B57D-4487-B551-F7B53395C6E5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C174F07D-0E33-43FD-9BAD-6C6D8B51B6A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47311B68-A07F-448B-99D5-9C92C8127A81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A930E317-7F22-4605-A85F-144921EEBA0C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BAF50FDA-47FA-491B-BEAE-76CC38C18F52" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A9A2DA11-5E4E-4E36-923C-A2D3CC2F2751" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE7DFAD4-1D21-4A3A-9E8C-10F00AD7C403" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1FEAB1AE-53FE-4641-A2BB-4E1449A76E8C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E92D896-80E5-47C6-A752-F19F1CB8005D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_712_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9B4C948-7C2F-41E5-8111-9A17673E2787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_712_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2504D653-29C7-4F1F-991C-AA50A4E5E092" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6B6B409-33F8-49CA-9A09-3AA97DCBCE54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F34AF35-8A0B-4B90-8AE6-EC961B7FEC4B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BAE7612E-5C12-467E-95EC-90D0A984E086" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D76005A3-22FC-45C1-A01A-8640F030E6A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E454506E-21BE-4BC9-91B9-21DC2AEA63E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D06996C-0832-4406-9581-1327345E95B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0E3DAEC-1C6C-41D4-867D-A246C51A7F08" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4E25E7B-7391-479A-AE10-E593ADF7A5B1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A96C773B-B228-4A39-8CAE-AEA0EE6E5699" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "898FE463-291B-4C89-BEC5-8B99EA18CF23" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3ACEFE5A-EBC4-4C72-9E72-78D708B7300C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92FD49D6-405A-401E-AC9A-E762D789C713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD14F17B-FDC3-4B1B-9901-E40B783E77C6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8FD2424-599C-4137-9BB0-378F34B7AB3C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6037264-BF88-4BCA-9F5F-B5D30587D9A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BABB84B3-C5BC-4AE9-AB6E-BA4BAF9FBECB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87ECCB82-B880-412D-A635-CA6F0B035F2B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424743C4-CE74-4A02-835A-023C9DA0CFAC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EA48BF-BD65-43B2-8DC1-D97F75AD6FE5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B86E317F-12BF-42F6-879B-88A85F7E3F81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4C68227-8928-41C4-A6B8-CD142C018AB6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38E60ED4-9FB7-481E-915B-B7576566E0BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "194A4BD4-0DDF-49E5-AA89-40A5BFB71933" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_782g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72FF9732-40D8-4C12-8259-BAA16FAB5A56" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_compute_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "999A89D8-25E0-4212-85DE-4B7E1D00504C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_compute_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16647562-32F9-49BD-B444-D0ACB32F7225" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_compute_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7BFED78-5E0E-4F01-9586-264FB52052C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_gen_2_compute_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9C78411-3D39-44DF-82AC-823772A1C1D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_compute_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4A050CA-8514-400A-A6B3-F513CC93CA14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3_compute:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD850305-1E76-4952-A3FB-F6229CBF7FE9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB8FA32F-4690-4C5B-8968-474DA32FD0A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59BD8BEA-725A-4158-84BE-4AFD476ED03D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "59CB6F2F-7C95-498B-9F9E-728930FD24A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "284E62AF-2E4D-4E82-AC9A-F27DA71735EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_mobile_pc_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81FC1C9D-D494-4426-93FF-A774D68554D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835_mobile_pc_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B4837E0-EFF7-4546-918C-03551E03F6BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D56B0CD3-138D-4197-84D5-2887C8FA40D2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E289B26-AF53-442A-9740-2F44D1F59DA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_mobile_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "355080DC-FC83-45C1-AB1A-21533638C181" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850_mobile_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5167E425-3B5D-4F79-B6AF-599820BEB33E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BF8CD16-C2A7-4C93-8693-0E74F3CD0809" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "532F3191-56DD-41C2-8FCC-D1B20D0E5624" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+860_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F26F891B-8D25-47F3-BA02-FBB8A7160598" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+860_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83BB4E6C-2D33-49A1-909F-B7BD7B0CFCDE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1B7E8DA-A04A-4509-A847-5EEC760B2D92" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE7F357C-96A5-41EE-BECE-401A05683D84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9F4285-1F09-40CD-B1AA-84B406FD6A71" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8623DD44-DFDD-442D-9789-11A527A450A4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22303AD4-779C-45A3-8F33-3864C45E4328" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EC440D-D420-4477-8F14-427245B80631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F7EC4FC-94F6-4C4E-A6F4-46B0B3967A86" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39DDB101-5A91-41F7-83B0-01BBEC35694D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22A78236-5965-4F65-9001-3FE7FF6D27E8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "414C5C1D-A5DA-47C7-B6C9-3564DD4DD911" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1C389394-72C4-4647-B97A-A7B2DADF57FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "945B1D8C-1B53-4BC0-8048-43C7C365B22F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71E06B94-9463-49A6-B816-E8A82BEA8545" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7C155F86-467F-4B57-950E-12FAAB570B01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB6053F0-5E34-458A-B084-078E4D4F4021" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C1AB7D4-FB11-4020-A4A0-8F40D98C07F1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF808C56-AD46-4351-9A46-6A2B6AAAB5BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69D1567F-D669-4415-9A08-110221EFA6BA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F74BF53E-DFA1-4750-A638-FE7572B79D16" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "226D1ABD-E4AD-487E-88EB-4C66D51DB33D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1E1B7FD-39CD-42AB-A113-2AFB25B5F85B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C93EECE3-7A8A-4B58-A674-134040CE43FE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A129620-8241-4A47-AAC8-CC7E10A09C9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CEDD78E-124C-4216-9B57-3B7B53463659" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF9740EB-F82E-42EA-993E-A393B05CC6BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "022A5532-03F7-4FB8-BA0D-4221178C9486" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1708266E-EB99-475A-AB48-B2ACEE5657EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FEBBF98A-40C2-4386-85C5-5B1D445CC846" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E685A5C-870C-41E9-91AA-7AA7535C4D85" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8F52FE7-2C9C-4908-A578-2230ED6A1505" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF49BC31-A332-4B9A-A826-F63116D7029F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DD3C245-D5F8-4145-8CDF-F635D2C8F088" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28558", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.603", - "lastModified": "2024-04-12T17:17:05.803", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN handler while processing PhyID in Tx status handler." - }, - { - "lang": "es", - "value": "Corrupción de la memoria en el WLAN handler cuando se procesa PhyID en Tx status handler." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:315_5g_iot_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AC9E0F8-6E27-4F6B-A667-786272632A24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A85141A5-667F-41BB-B84D-908E73A86759" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3190C4FD-36BE-46F4-AAD9-028105D7A39B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb3_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CE5E237-2F85-4EB3-BB8C-BA11D8F25C5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57B0086F-5F2C-4F89-AC53-D8429D6506CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB8145C8-D978-4047-9203-602E854E7290" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2CCBF666-CB4E-44E1-9676-6891EDC73578" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C767AB6A-1A8C-406C-A600-96A816F44E2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BB1FC5E-CF6F-4E54-B78D-C01AFD034903" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA3F11F3-C9F4-460D-BD77-1BFBCC1F0592" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25673A10-D99C-4F67-BDA7-9C2E4A70EF9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50906EF2-01F7-4E97-9F49-F892DF41CB29" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B23A89FF-9C94-40C6-B9B7-3E8354777916" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "531A9325-790A-4D7E-BFF2-EB1808C719D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1AACB4E-70A7-43ED-953D-911D2450C946" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C558A35-E8E3-43CD-BAC5-C665875D3E60" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F23BF59-9FB7-49D6-846D-52263747E69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "873CD3BE-2098-4328-B350-A14453C44F1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE294B26-BBD0-455F-82B0-4605987B7DDC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE08D23A-2D0D-4472-8847-27B955F55165" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_665_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9151A7D-4A02-4EDD-830E-3408BBB2B0C3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_665_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73D551AC-1008-444B-8A69-CF8CE60942FF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9871C72-4B99-43E5-B389-EB26996B08DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "586E725A-B3F6-4C4D-AE46-0D76A0C0D91E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ABF96A66-FECF-4D2F-94C5-7BFC746789E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28638583-F98D-4B88-AF50-A10642D6A105" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1B3C6D8-F06D-48DE-9127-0E574578E501" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A933F383-717C-4D7B-836A-76042F55488F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D0ED00F-1345-43AD-83C6-E979890B84AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C28019-B57D-4487-B551-F7B53395C6E5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C174F07D-0E33-43FD-9BAD-6C6D8B51B6A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47311B68-A07F-448B-99D5-9C92C8127A81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A930E317-7F22-4605-A85F-144921EEBA0C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BAF50FDA-47FA-491B-BEAE-76CC38C18F52" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A9A2DA11-5E4E-4E36-923C-A2D3CC2F2751" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE7DFAD4-1D21-4A3A-9E8C-10F00AD7C403" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1FEAB1AE-53FE-4641-A2BB-4E1449A76E8C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E92D896-80E5-47C6-A752-F19F1CB8005D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_712_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9B4C948-7C2F-41E5-8111-9A17673E2787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_712_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2504D653-29C7-4F1F-991C-AA50A4E5E092" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6B6B409-33F8-49CA-9A09-3AA97DCBCE54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F34AF35-8A0B-4B90-8AE6-EC961B7FEC4B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1D763D8-ACBB-491C-9CF2-002E9BC4B4BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C867295-F219-4AB8-823B-9AF9D4CB4749" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E454506E-21BE-4BC9-91B9-21DC2AEA63E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D06996C-0832-4406-9581-1327345E95B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0E3DAEC-1C6C-41D4-867D-A246C51A7F08" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4E25E7B-7391-479A-AE10-E593ADF7A5B1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A96C773B-B228-4A39-8CAE-AEA0EE6E5699" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "898FE463-291B-4C89-BEC5-8B99EA18CF23" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3ACEFE5A-EBC4-4C72-9E72-78D708B7300C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92FD49D6-405A-401E-AC9A-E762D789C713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD14F17B-FDC3-4B1B-9901-E40B783E77C6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8FD2424-599C-4137-9BB0-378F34B7AB3C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BABB84B3-C5BC-4AE9-AB6E-BA4BAF9FBECB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6037264-BF88-4BCA-9F5F-B5D30587D9A8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38E60ED4-9FB7-481E-915B-B7576566E0BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4C68227-8928-41C4-A6B8-CD142C018AB6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "75F10C87-25C4-40A5-9B7E-904C2258CB3C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B3644E-74B5-41BB-BA43-F3E588D152CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_gen_2_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF331899-4AA1-4D55-B494-4FA47BB97AE5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC68355A-3202-4317-9767-26AFDD321789" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E53D47E-C94F-41BC-94ED-86002A961ACE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAF6E29D-7041-43D8-A09B-DEF37B0500C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835_mobile_pc_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B4837E0-EFF7-4546-918C-03551E03F6BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_mobile_pc_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81FC1C9D-D494-4426-93FF-A774D68554D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E289B26-AF53-442A-9740-2F44D1F59DA5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D56B0CD3-138D-4197-84D5-2887C8FA40D2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850_mobile_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5167E425-3B5D-4F79-B6AF-599820BEB33E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_mobile_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "355080DC-FC83-45C1-AB1A-21533638C181" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BF8CD16-C2A7-4C93-8693-0E74F3CD0809" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "532F3191-56DD-41C2-8FCC-D1B20D0E5624" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DBE1A34C-6C13-4B32-B49C-9DB1E3D32835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB987280-8F49-4A31-997C-8055AEB5D36A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1B7E8DA-A04A-4509-A847-5EEC760B2D92" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE7F357C-96A5-41EE-BECE-401A05683D84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C9F4285-1F09-40CD-B1AA-84B406FD6A71" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8623DD44-DFDD-442D-9789-11A527A450A4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22303AD4-779C-45A3-8F33-3864C45E4328" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EC440D-D420-4477-8F14-427245B80631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41446A77-6EF3-4570-BAD2-4C761A2C4E7F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "448C401B-EF07-4385-A7B4-123D7808F64F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "22A78236-5965-4F65-9001-3FE7FF6D27E8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "414C5C1D-A5DA-47C7-B6C9-3564DD4DD911" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01CBD543-635C-4C57-87B7-55DD3BA3C1A2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6A7272B6-AADB-4CCD-B041-66170C313C76" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7C155F86-467F-4B57-950E-12FAAB570B01" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71E06B94-9463-49A6-B816-E8A82BEA8545" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C1AB7D4-FB11-4020-A4A0-8F40D98C07F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB6053F0-5E34-458A-B084-078E4D4F4021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69D1567F-D669-4415-9A08-110221EFA6BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF808C56-AD46-4351-9A46-6A2B6AAAB5BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F74BF53E-DFA1-4750-A638-FE7572B79D16" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "226D1ABD-E4AD-487E-88EB-4C66D51DB33D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1E1B7FD-39CD-42AB-A113-2AFB25B5F85B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C93EECE3-7A8A-4B58-A674-134040CE43FE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A129620-8241-4A47-AAC8-CC7E10A09C9C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CEDD78E-124C-4216-9B57-3B7B53463659" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF9740EB-F82E-42EA-993E-A393B05CC6BB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "022A5532-03F7-4FB8-BA0D-4221178C9486" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1708266E-EB99-475A-AB48-B2ACEE5657EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FEBBF98A-40C2-4386-85C5-5B1D445CC846" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E685A5C-870C-41E9-91AA-7AA7535C4D85" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8F52FE7-2C9C-4908-A578-2230ED6A1505" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF49BC31-A332-4B9A-A826-F63116D7029F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DD3C245-D5F8-4145-8CDF-F635D2C8F088" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28559", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.687", - "lastModified": "2024-04-12T17:17:06.163", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN FW al procesar parámetros de comando de payloads WMI no fiables." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:home_hub_100_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E5DFB7-9516-4019-8F74-D9584BC01D23" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:home_hub_100_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2EDB814-A56C-4A85-B8AB-566D42BC9EB5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C241123-63B1-4CA2-A3CB-BADA86EAAA2E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66E4B95D-966A-4940-A403-9E8241F121C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68309F58-91D9-407E-9578-17EAF6836E07" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6CA3E5-7A0F-4705-985E-0C25DE609494" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC770BF-4B23-4F43-A0B9-E5FE41536F5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "84B4531C-9D90-4A9B-8724-1428372319C8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "497EC79B-0879-4FA2-A5B7-63EA54FC20A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA44E1D7-C4B5-4A1C-8D89-C080856104EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "268F94E5-15A2-4BCA-BE1B-0B6A7179B9C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F1CE4C-CAF8-4AB9-B44D-ADC2F2E7CF4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30C10881-C26D-452D-A2D1-8617C2709D60" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D4F8296-D8D0-42C6-AAD2-24DA0DB403D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EC7373-E5F3-4D2B-B727-CAEE772B74BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F81D132-B2DD-4D09-8561-21A2CFBCC9FA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F099A893-232B-48FB-81B3-F01AF2A19426" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9987_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77057B7D-E70A-4F74-A141-14B0DD798247" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9987:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0B7DFC6-5D6A-4B73-B5F8-6C2073E0EBE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0405CBFB-AD0E-45F8-ADDA-60D2BF7486C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08F4DD2E-C887-424C-B931-CBB9B402726E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A436BB-212C-4419-A0C7-03C0E04BD582" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AF4B33B-223D-45F5-8168-3D2232E11663" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qualcomm_robotics_rb3_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3190C4FD-36BE-46F4-AAD9-028105D7A39B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qualcomm_robotics_rb3_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CE5E237-2F85-4EB3-BB8C-BA11D8F25C5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57B0086F-5F2C-4F89-AC53-D8429D6506CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB8145C8-D978-4047-9203-602E854E7290" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2CCBF666-CB4E-44E1-9676-6891EDC73578" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C767AB6A-1A8C-406C-A600-96A816F44E2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BB1FC5E-CF6F-4E54-B78D-C01AFD034903" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA3F11F3-C9F4-460D-BD77-1BFBCC1F0592" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25673A10-D99C-4F67-BDA7-9C2E4A70EF9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50906EF2-01F7-4E97-9F49-F892DF41CB29" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B23A89FF-9C94-40C6-B9B7-3E8354777916" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "531A9325-790A-4D7E-BFF2-EB1808C719D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1AACB4E-70A7-43ED-953D-911D2450C946" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C558A35-E8E3-43CD-BAC5-C665875D3E60" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F23BF59-9FB7-49D6-846D-52263747E69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "873CD3BE-2098-4328-B350-A14453C44F1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE294B26-BBD0-455F-82B0-4605987B7DDC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE08D23A-2D0D-4472-8847-27B955F55165" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_665_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9151A7D-4A02-4EDD-830E-3408BBB2B0C3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_665_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73D551AC-1008-444B-8A69-CF8CE60942FF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9871C72-4B99-43E5-B389-EB26996B08DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "586E725A-B3F6-4C4D-AE46-0D76A0C0D91E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ABF96A66-FECF-4D2F-94C5-7BFC746789E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28638583-F98D-4B88-AF50-A10642D6A105" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1B3C6D8-F06D-48DE-9127-0E574578E501" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A933F383-717C-4D7B-836A-76042F55488F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D0ED00F-1345-43AD-83C6-E979890B84AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92C28019-B57D-4487-B551-F7B53395C6E5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C174F07D-0E33-43FD-9BAD-6C6D8B51B6A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47311B68-A07F-448B-99D5-9C92C8127A81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A930E317-7F22-4605-A85F-144921EEBA0C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BAF50FDA-47FA-491B-BEAE-76CC38C18F52" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A9A2DA11-5E4E-4E36-923C-A2D3CC2F2751" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE7DFAD4-1D21-4A3A-9E8C-10F00AD7C403" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1FEAB1AE-53FE-4641-A2BB-4E1449A76E8C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E92D896-80E5-47C6-A752-F19F1CB8005D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_712_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9B4C948-7C2F-41E5-8111-9A17673E2787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_712_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2504D653-29C7-4F1F-991C-AA50A4E5E092" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6B6B409-33F8-49CA-9A09-3AA97DCBCE54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F34AF35-8A0B-4B90-8AE6-EC961B7FEC4B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1D763D8-ACBB-491C-9CF2-002E9BC4B4BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C867295-F219-4AB8-823B-9AF9D4CB4749" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E454506E-21BE-4BC9-91B9-21DC2AEA63E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D06996C-0832-4406-9581-1327345E95B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0E3DAEC-1C6C-41D4-867D-A246C51A7F08" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4E25E7B-7391-479A-AE10-E593ADF7A5B1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A96C773B-B228-4A39-8CAE-AEA0EE6E5699" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "898FE463-291B-4C89-BEC5-8B99EA18CF23" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_mobile_platform__firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3ACEFE5A-EBC4-4C72-9E72-78D708B7300C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g_mobile_platform_:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92FD49D6-405A-401E-AC9A-E762D789C713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DD14F17B-FDC3-4B1B-9901-E40B783E77C6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8FD2424-599C-4137-9BB0-378F34B7AB3C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6037264-BF88-4BCA-9F5F-B5D30587D9A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BABB84B3-C5BC-4AE9-AB6E-BA4BAF9FBECB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B3644E-74B5-41BB-BA43-F3E588D152CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "75F10C87-25C4-40A5-9B7E-904C2258CB3C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC68355A-3202-4317-9767-26AFDD321789" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_gen_2_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF331899-4AA1-4D55-B494-4FA47BB97AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_mobile_pc_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81FC1C9D-D494-4426-93FF-A774D68554D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835_mobile_pc_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B4837E0-EFF7-4546-918C-03551E03F6BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D56B0CD3-138D-4197-84D5-2887C8FA40D2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E289B26-AF53-442A-9740-2F44D1F59DA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_mobile_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "355080DC-FC83-45C1-AB1A-21533638C181" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850_mobile_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5167E425-3B5D-4F79-B6AF-599820BEB33E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "532F3191-56DD-41C2-8FCC-D1B20D0E5624" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BF8CD16-C2A7-4C93-8693-0E74F3CD0809" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB987280-8F49-4A31-997C-8055AEB5D36A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DBE1A34C-6C13-4B32-B49C-9DB1E3D32835" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1B7E8DA-A04A-4509-A847-5EEC760B2D92" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DE7F357C-96A5-41EE-BECE-401A05683D84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC63E59F-CB68-435C-B1A4-7DA5D722142F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "088D62A3-1FE5-42D6-9231-41DDE4DA37EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36903AF3-4E2D-4990-B021-A1D980229077" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "472928D4-90F4-402D-B1F2-0CE358326A10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "583E50CC-2017-4092-A21E-7AAC53F53A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69D1567F-D669-4415-9A08-110221EFA6BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF808C56-AD46-4351-9A46-6A2B6AAAB5BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1E1B7FD-39CD-42AB-A113-2AFB25B5F85B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C93EECE3-7A8A-4B58-A674-134040CE43FE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1708266E-EB99-475A-AB48-B2ACEE5657EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FEBBF98A-40C2-4386-85C5-5B1D445CC846" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E685A5C-870C-41E9-91AA-7AA7535C4D85" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8F52FE7-2C9C-4908-A578-2230ED6A1505" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF49BC31-A332-4B9A-A826-F63116D7029F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DD3C245-D5F8-4145-8CDF-F635D2C8F088" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28560", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.763", - "lastModified": "2024-04-12T17:17:06.503", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL al procesar devIndex desde un payload WMI no fiable." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9A4CAA77-CC4D-49CF-9696-6C2542B31415" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E19E8B60-4C5C-4D1C-B9F0-AB1FC1F58949" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9E0E1355-0ED3-42B8-B4EB-BC5869532296" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BBC2E532-1298-4B43-9EF8-AE37E1338EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8092_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8D0C2A-3444-45EA-81BC-F72BE9D2F0FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8092:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B678CB4A-A4B4-45AF-9218-AFC30A5B71ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8094_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83BCBAD4-F51F-43E8-8865-C07B47EA6417" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8094:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20239319-ACA6-4249-815D-C10D5E39A16A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19013619-9B73-4A4F-B5B2-2A7D9A41D81E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9523ACC9-9D2F-4A40-9CEF-9A9676176867" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34AB9074-97A3-43F0-B829-CDB4E3066AC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "362252ED-1DB3-4CF6-86DD-14919826D75E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C41266FF-5555-4522-AD55-6A7CF8BA33D5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9E9C428C-7470-4178-9029-3234086D93F1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04EA12D4-24E2-4FE9-8CD6-06A8E36DEB2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2AED978B-0330-4B9B-B662-AA8E9E621996" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96FBD6DF-F174-4690-AA3D-1E8974E3627F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BF86E1-3FAC-4A42-8C01-5944C6C30AE5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A3CF46D-E1CB-447E-8371-15C3F49B1AA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B74FDAF1-82D0-4136-BF97-25C56FCEE77C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A07C2049-B227-4849-85D0-B53D690C7697" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88D2DB07-B72B-4D44-A373-0C7EAB35F388" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97E02FD6-F0A7-4B60-9ED8-26AAE497AEED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4020:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A732D0D-E999-4CE8-9448-FC6BA7FCC0A4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C241123-63B1-4CA2-A3CB-BADA86EAAA2E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66E4B95D-966A-4940-A403-9E8241F121C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "68309F58-91D9-407E-9578-17EAF6836E07" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6CA3E5-7A0F-4705-985E-0C25DE609494" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC770BF-4B23-4F43-A0B9-E5FE41536F5E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "84B4531C-9D90-4A9B-8724-1428372319C8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "497EC79B-0879-4FA2-A5B7-63EA54FC20A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6005_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4695A9D-A02C-4E73-A327-E811C55B4EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6005:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28E41848-525C-4126-89C2-54BD193768DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9235m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5E11E2D3-357A-42AE-B5CA-7C57C6F16F7F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9235m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2306EA19-4EF3-40C1-ADF7-F7137A732C74" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9330_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC8F7F3C-D31B-400C-A4CB-DB30027E9B16" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9330:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F9133B8-5415-4840-BD0A-54ACF3F26988" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9EF77DD1-BE11-4132-9889-646196FAE567" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9635m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CB323C15-2018-4CB8-858E-56F088B03FBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FD1C359-C79B-4CE8-A192-5AA34D0BF05B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716B747E-672C-4B95-9D8E-1262338E67EA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D00F3FE8-83F3-46E4-9DD9-8A716E24C226" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9136B88F-3C3D-471F-8589-CA0BA4473B4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFB39496-8699-4DAF-BD7B-AE69260B20CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9CFBC24-5F15-40DE-806E-62C1EE808992" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F1CE4C-CAF8-4AB9-B44D-ADC2F2E7CF4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30C10881-C26D-452D-A2D1-8617C2709D60" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FF093219-0593-4318-A726-382022D6C7BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC0A77BD-F36A-468B-A7D6-EC8989D58575" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0814A50-D8E6-42BD-A0A3-0768A3E28F53" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D2AD8F5C-1FEB-45C2-BC8F-123C2BEB0EA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D4F8296-D8D0-42C6-AAD2-24DA0DB403D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EC7373-E5F3-4D2B-B727-CAEE772B74BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25565FDA-651D-4A05-8B1E-2188B6921253" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8D49750-BBEA-4A3D-9898-28B7A50A7F42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9531_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E71452E6-551F-4E93-9951-2582C60BDFCE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9531:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6D69FB0E-FDFF-42B8-ADAD-797B7C91E979" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9558_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2A974EE-8003-4482-BC09-F7C24AB20267" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9558:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C6F2B1C1-8267-43EA-B3FA-314A588F4A6A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9561_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8256ECFF-0CC0-4EB4-9B6D-BAA697CC739B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9561:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66B8E884-7D65-4EF9-BB56-FD8EDD7075F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F81D132-B2DD-4D09-8561-21A2CFBCC9FA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F099A893-232B-48FB-81B3-F01AF2A19426" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9882_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF5BF57-BA27-4845-956D-39ED5FBADE6A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9882:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BFE4A19-B8BD-44F8-8AF0-689E497A271B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9887_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35BE591A-1EAE-4067-810E-D4A37F6187C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9887:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2190E138-0C63-49F7-815B-1B7E6C2C4C67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9982_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "32B9AE1B-0E97-4A38-B33D-6EB9DC67B158" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9982:-:*:*:*:*:*:*:*", - "matchCriteriaId": "684FC997-B2E2-4DF3-85ED-A8F8C986FD2B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9987_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77057B7D-E70A-4F74-A141-14B0DD798247" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9987:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0B7DFC6-5D6A-4B73-B5F8-6C2073E0EBE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0405CBFB-AD0E-45F8-ADDA-60D2BF7486C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08F4DD2E-C887-424C-B931-CBB9B402726E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5121_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7582D75-412A-4CF8-9507-FB9AD10FBCC0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5121:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E1CA0C2-13AD-4D4F-9FCD-882E2045D871" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A436BB-212C-4419-A0C7-03C0E04BD582" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AF4B33B-223D-45F5-8168-3D2232E11663" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qfe1922_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB11E143-E871-42D7-8B8B-A0CB9D33EC63" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qfe1922:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B46CE16F-74E6-4B6C-9423-0634D54EC9AC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qfe1952_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DD24EC7-16C3-4192-96A7-4F820C9531FC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qfe1952:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C3739CB-D4FE-4247-A32C-4641741DCF0C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "022D7D87-F60F-4DD2-9E0B-A9DFD3D69B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37FA5777-1B35-4BD1-BB81-CB5DE62F3D56" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DED4B719-53B5-4D16-B3FA-ADE29D28ED86" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D342C86B-E184-457C-9F72-BD853ED79425" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BC508C49-0B76-43A8-B2AF-0F8EB989E238" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9665200-D306-4EEB-9F42-6C5963524179" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd821_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4A54F4A3-19E3-4825-98C7-DA632D692A06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:*", - "matchCriteriaId": "028CD81A-0D9D-40B0-9E2F-DC8689607B24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C61BF93F-53DF-4399-AF41-45CEC1E0A2B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CC498E0-B82B-4A53-8F55-6C1DA58AFA88" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq5053-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35953900-1F81-49B4-B2F4-A0FEEF0E4F08" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq5053-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "21E3FCA2-6CD3-4C63-9EFB-783FEF08D170" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117FAAF8-4E79-4BA8-BF6B-4572C114890F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "233283A4-193F-430A-8019-EE1B83668E36" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4250-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8615FCF8-2AEB-4820-A0F8-DFCE50DFB465" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4250-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "977DF595-DA7A-48E0-BD7D-2CD89F63D037" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0D4BDA33-248D-4040-B07D-2A9D80C64709" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0DB9382-CF2F-4690-ABCA-145CDA12F4AC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4350-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86F03E3C-CDEE-46AF-9CD6-4C58BAA4514E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4350-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "887B369C-4398-4D8F-A95A-B9A8E9B1C1B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "531A9325-790A-4D7E-BFF2-EB1808C719D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1AACB4E-70A7-43ED-953D-911D2450C946" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C558A35-E8E3-43CD-BAC5-C665875D3E60" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F23BF59-9FB7-49D6-846D-52263747E69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_652_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1697A64C-39C0-4687-B209-645CAFF3D86C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_652_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD370EA6-2BE5-4224-818C-209C4A06D785" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "873CD3BE-2098-4328-B350-A14453C44F1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE294B26-BBD0-455F-82B0-4605987B7DDC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE08D23A-2D0D-4472-8847-27B955F55165" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE529BF7-0C9B-4B79-ABF8-54D5051F5E94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124227C1-DC7A-4A44-A513-C83976464BD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00865826-86AE-425F-BE6F-162F611FB200" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0CC0441C-C30B-4D99-9BAD-C1E4387302BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ABF96A66-FECF-4D2F-94C5-7BFC746789E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28638583-F98D-4B88-AF50-A10642D6A105" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6150-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "559BBC7F-CF94-4524-AF8A-172013131EED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6150-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "21BE75B1-0CB5-44DD-920E-B09B1A122C78" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6225_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC2668D5-623D-4E13-AF37-6F7040A14007" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6225:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72B0F4C7-CA0F-4B9C-A6AA-60934B2AB2C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6225-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E089DC83-3849-4671-95B9-E4C958EC79FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6225-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E38F8F04-F841-492B-A555-96DBD7461380" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80E5A7CE-9356-4E00-8458-52C60CB34753" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "571CC514-7B65-4769-9921-149ABFF2FE74" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "737807F6-F62C-4EC5-903A-0BA996834164" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B79990C-AAD2-4A91-A806-E449838054BA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D045BE4B-BC19-4A51-90E6-00C18389C81B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F006960-CDE3-4E74-B4F0-2C4B2CA93959" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdm712_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9F51997-505C-4090-B146-C22DE8BD9E7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdm712:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CB63CBC4-57F8-486C-A2C8-6061B596ECBD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "055E464C-C63A-455E-97B0-0D8A266A428F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "527A0A00-0C6C-4937-87A3-00668CF7BACB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7150-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E66B0335-F592-4670-8E7D-7952396B88CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7150-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FA9B931-E55A-4717-A700-C3717B681824" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7150-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DB73734-92EE-4123-8D02-C7D0CE3029C1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7150-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F4D107A6-3120-4B08-B34C-A8C180474DDB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7150-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA93759-49DD-4E86-93C7-AACC9F9E9346" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7150-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D072F051-A8C8-488A-971A-6A5A705837BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7225_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34E2940C-5D85-4D05-A1B1-41E20DF01626" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7225:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CAD2B248-B205-4D7A-B03B-9AC3CEFF8760" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6809F530-FA3C-455E-AF16-41F57AC3F5D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "464E833D-9FCA-4407-88A2-EDE7D4FAEA28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "437D618B-FE47-4DF6-9174-B1335501862D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4616FA92-3DB7-4ABC-A804-92B9FC7D57AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A51EAC73-7C74-4ABC-A964-8FE2CCB1C930" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DF142AB-6BB0-43BE-B2F1-679A4BD123D5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc7180-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C4AF477-933A-4BD5-9713-349DF5721D56" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc7180-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D5D11A-DEFD-44A9-AA13-6D048D95825D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc7180-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "145000B1-5D57-4654-BEC5-0F1B6369AE0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc7180-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50BCE5F1-EA5C-47FD-BF43-FF85D33EA847" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_808_processor_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D7C75B23-C5CB-4D69-9D27-660C3E18B781" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_808_processor:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B909B92B-64B2-42C1-A662-A40BCC90DEB4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_810_processor_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C81A1DA3-FD45-4916-AFE4-D7E0BE4779A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_810_processor:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BCFCB125-49A3-4AE7-9722-9C7FDF32A334" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:s820a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "482F1C72-713F-4D3A-805C-D6BCA2E9D519" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:s820a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CD783AA-2CAD-448E-9C4D-4AA6D4C95A55" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_820_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5799B243-F73E-483B-A2A4-6DB25AEBB08D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_820_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D534FDF-3084-4FAC-800E-D71497F9DDFB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_821_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D6A92FCC-A844-448F-9291-4E923ACA55E7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_821_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4CF4B1EC-D38A-4FAD-8A4E-D0521F66005E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:8098_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE7A51B-739F-4264-B978-25DC9620B638" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:8098:-:*:*:*:*:*:*:*", - "matchCriteriaId": "134C30E3-8D6D-4BD2-8FBD-91CC4D614BC8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:8998_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F10CB414-1CA8-4AC1-8E16-841AC2E87FDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:8998:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A028D7DE-ED28-44BA-8D59-92DFC827FCAB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_mobile_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D56B0CD3-138D-4197-84D5-2887C8FA40D2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845_mobile_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E289B26-AF53-442A-9740-2F44D1F59DA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_mobile_compute_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "355080DC-FC83-45C1-AB1A-21533638C181" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850_mobile_compute_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5167E425-3B5D-4F79-B6AF-599820BEB33E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9286B1E8-E39F-4DAA-8969-311CA2A0A8AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19B9AE36-87A9-4EE7-87C8-CCA2DCF51039" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm8150-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC335397-8340-4DD4-B8D1-9AB6E9911F85" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm8150-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CB6CF9F9-8EEE-49AD-B17D-60470F2F9D57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C455E7D-D256-4240-BE72-2A93273D685A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "423E21A1-8F52-46DA-9AC2-77159FEB6001" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69D1567F-D669-4415-9A08-110221EFA6BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF808C56-AD46-4351-9A46-6A2B6AAAB5BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AAFF2095-4257-40C9-8C48-B38C143159ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FEA2F1D-7D07-4684-BDC1-24224A53A8BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1E1B7FD-39CD-42AB-A113-2AFB25B5F85B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C93EECE3-7A8A-4B58-A674-134040CE43FE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_platform_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1708266E-EB99-475A-AB48-B2ACEE5657EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300_platform:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FEBBF98A-40C2-4386-85C5-5B1D445CC846" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2EEFADBF-D751-499B-80E5-C1069E129F18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D327FBA1-69B5-467B-9B1B-A0380994D21B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B05FD66D-13A6-40E9-A64B-E428378F237E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0D665C1-3EBA-42F2-BF56-55E6C365F7DF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43A90019-4E96-40B5-9E4D-CCBDD51ACA34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9590EF1F-E821-4525-943B-4A315ACAEFFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A7D32B3-325E-4B1F-8649-3D0071396BBA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF49BC31-A332-4B9A-A826-F63116D7029F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DD3C245-D5F8-4145-8CDF-F635D2C8F088" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28562", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.843", - "lastModified": "2024-04-12T17:17:07.090", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption while handling payloads from remote ESL." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4DA61D9-00F0-44AE-9821-41C730D85CA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "312DFB2A-E115-487A-AABE-BBAC057AFA73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04DAFFC1-9038-4CEB-B181-C555BC0A3CF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70A8B62B-DA3A-416E-96D8-4E5AAD197631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BE024DC-38BD-4AD5-8505-C3218C5FCF06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5F6C78C-33F5-40D8-9D2C-52D0FEC6DCA8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECA86357-66BD-4356-87DF-5AF445BC8DF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88C87768-9D47-4C92-BF01-743F572C3F10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6976CA-9019-4B8A-84B1-58F73A0E2673" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B11CD214-B46D-43A9-A170-CBC40BFED199" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FDD354-0044-4BD2-B1B9-B89BE040070D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52CFA50A-F846-4C91-83ED-B52B8B5C9781" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1DCF8439-B259-43FE-B797-57C2D62A35E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F97A345D-4024-4C48-A7C5-BF2F13D3B2BE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "624349A3-DAD6-4C93-A694-AB4CDC0F00EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E265840-94AC-4462-853D-29098B2CD746" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EDCFF2B-1713-46E2-AA4A-419FB63ED8A0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5E87C169-AC6C-41FB-878C-748517AB40BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CB628D4-566E-454D-B2B9-04A5533C6737" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E726FE28-3CEB-48DC-8C4E-7DB56D9567C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B7A5B684-09BB-4DD0-9F16-D3761EA37D34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6A01340-72E8-4811-A24A-D359C8B63611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8C1A76A-AD97-4A08-B45A-F9994D5455DE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E07087B-C0E3-431E-A03A-0255B3EC73A3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1DF0CA5-9874-4C25-8357-7E5D9AABACD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D5549F-053A-4EF0-BB43-CAD84E0BBF98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8D5607-F0BC-46C9-A94F-1D28EE5A3F0E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17D19361-1C7D-44F2-B007-36097947B352" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F4659B0-547B-4492-9338-90B45B0462FC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B52D8884-D1E4-45F7-86F6-D882DF099611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9D188A-2029-431E-A225-302C7795B891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0D216C8-92CF-4C54-8D44-5E1BBAB76C92" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B5501670-56E2-48B6-ACFC-67F908D5ECCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3AB9254-8202-411C-9700-C2739D9C317C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06165461-2AA0-4306-8F72-C8F6A9D5113A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D95A0D7F-8A18-46A1-B420-2DF65E03B60C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47D193F3-8369-4253-B46A-07DC2D4CC19D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCAFB57B-87C0-45EA-9F8D-1818AF187D35" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9C56B06-3D58-4720-835F-103C404D109E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80CF44A8-24C9-4625-B538-93721C348438" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50081C21-0E3C-451C-B5D9-BFA6763FC92A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D443BF-15A5-4984-972B-0BC5BEDC835B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8E976A6-4785-4F88-9035-0F6F0509A642" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16204302-0B17-4759-A4C8-E8B0301BBCAB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28564", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:13.923", - "lastModified": "2024-04-12T17:17:07.573", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while passing command parameters through WMI interfaces." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL mientras pasan parámetros de comando a través de interfaces WMI." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-823" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:home_hub_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EFFEA50-D8F0-49DB-AF22-EBC2DA8C634D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:home_hub_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D57A69BF-7FBF-4519-94DA-A2C1766B48EC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C7CEC6E-D316-4A89-BB58-003C2E3369FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA5A801F-F95E-4E6F-AE6A-9F3D112FA69C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "779827C5-93CF-45BE-827C-F8B4443AE302" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30EB0454-57C1-4054-BB62-ADC31817D254" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7FCC903-A4B0-4462-9D1D-9B7B767D4607" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1725FFF-665F-4569-996C-31A0BB094D4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA1B1C6F-9195-4B94-9AAB-7E3EA6275F62" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87655E53-09B3-4BC0-8BB4-1E4F0FFAE15F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6005_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4695A9D-A02C-4E73-A327-E811C55B4EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6005:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28E41848-525C-4126-89C2-54BD193768DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA44E1D7-C4B5-4A1C-8D89-C080856104EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "268F94E5-15A2-4BCA-BE1B-0B6A7179B9C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADC6FBEE-D2FA-4660-A078-D6CE2097653D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6BD8A1C-D9AB-4BE7-A855-31E58631879C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FD1C359-C79B-4CE8-A192-5AA34D0BF05B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716B747E-672C-4B95-9D8E-1262338E67EA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35B7E25E-FA92-4C36-883C-CFF36F4B3507" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECD99C6F-2444-4A5E-A517-0C8023DDF23D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08811FE5-AEF1-4D3C-8916-DABB7969BA93" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6175a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8A94CD9-E084-4772-B173-91B6A0F46291" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00FE294D-4BE0-4436-9273-507E760884EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424CB795-58E5-43A4-A2EC-C563D93C5E72" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D4F8296-D8D0-42C6-AAD2-24DA0DB403D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EC7373-E5F3-4D2B-B727-CAEE772B74BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9531_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E71452E6-551F-4E93-9951-2582C60BDFCE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9531:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6D69FB0E-FDFF-42B8-ADAD-797B7C91E979" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9558_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2A974EE-8003-4482-BC09-F7C24AB20267" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9558:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C6F2B1C1-8267-43EA-B3FA-314A588F4A6A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9561_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8256ECFF-0CC0-4EB4-9B6D-BAA697CC739B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9561:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66B8E884-7D65-4EF9-BB56-FD8EDD7075F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F81D132-B2DD-4D09-8561-21A2CFBCC9FA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F099A893-232B-48FB-81B3-F01AF2A19426" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9882_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF5BF57-BA27-4845-956D-39ED5FBADE6A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9882:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BFE4A19-B8BD-44F8-8AF0-689E497A271B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9887_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35BE591A-1EAE-4067-810E-D4A37F6187C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9887:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2190E138-0C63-49F7-815B-1B7E6C2C4C67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9982_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "32B9AE1B-0E97-4A38-B33D-6EB9DC67B158" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9982:-:*:*:*:*:*:*:*", - "matchCriteriaId": "684FC997-B2E2-4DF3-85ED-A8F8C986FD2B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9987:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0B7DFC6-5D6A-4B73-B5F8-6C2073E0EBE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9987_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77057B7D-E70A-4F74-A141-14B0DD798247" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0405CBFB-AD0E-45F8-ADDA-60D2BF7486C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08F4DD2E-C887-424C-B931-CBB9B402726E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5121_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7582D75-412A-4CF8-9507-FB9AD10FBCC0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5121:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E1CA0C2-13AD-4D4F-9FCD-882E2045D871" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A436BB-212C-4419-A0C7-03C0E04BD582" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AF4B33B-223D-45F5-8168-3D2232E11663" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qfe1922_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB11E143-E871-42D7-8B8B-A0CB9D33EC63" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qfe1922:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B46CE16F-74E6-4B6C-9423-0634D54EC9AC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qfe1952_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DD24EC7-16C3-4192-96A7-4F820C9531FC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qfe1952:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C3739CB-D4FE-4247-A32C-4641741DCF0C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:robotics_rb3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01264215-1B23-4406-B5A2-2C0A7B4E9937" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:robotics_rb3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F67FE29B-D218-4B32-B881-79262BD6BFA1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8D28764-EF4F-4FB3-B936-B42397450EFD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7964A762-467B-47D7-865F-30D48A0AE47C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4079EC4E-ACCF-4BC4-BC3F-D7951C4B6496" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx20m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5765D9F4-4090-4470-A90A-7E72A50881AF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF7A6EE4-D951-480F-8F68-D49983C911D6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FD155BC-1157-4DEA-940A-FB8BD117D4C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C57BEA9E-2DAD-47E5-9777-DF835C83FC89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "67E8D5A1-0C4F-4ADE-902E-1768F9C84EDA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4DA61D9-00F0-44AE-9821-41C730D85CA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "312DFB2A-E115-487A-AABE-BBAC057AFA73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04DAFFC1-9038-4CEB-B181-C555BC0A3CF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70A8B62B-DA3A-416E-96D8-4E5AAD197631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BE024DC-38BD-4AD5-8505-C3218C5FCF06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5F6C78C-33F5-40D8-9D2C-52D0FEC6DCA8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B2E368C7-0696-466E-9FAC-0C9A58275787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FBF4F78-DCD9-4554-85F2-540979546ED7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F32168D9-3A1C-40FD-BD46-941D5A1F02EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20F4EB92-9FD7-4FD9-9FDE-A48D7AF83510" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FF33DF89-CD83-4003-B3E2-F399A61B71AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D84D667-1939-4891-87E3-F8A77433252E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECA86357-66BD-4356-87DF-5AF445BC8DF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88C87768-9D47-4C92-BF01-743F572C3F10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_665_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B6A9E9-F392-4F44-AC5D-00331C10F038" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_665:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F4971876-4B11-4A7A-A461-424846F7DDC1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6D675A8D-0FB3-4B2F-9D60-0DBB521820D5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C1E4FC24-7BB8-4E16-8ADA-C54FE94C2CE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6976CA-9019-4B8A-84B1-58F73A0E2673" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B11CD214-B46D-43A9-A170-CBC40BFED199" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FDD354-0044-4BD2-B1B9-B89BE040070D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52CFA50A-F846-4C91-83ED-B52B8B5C9781" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7C981FE-CD14-4DA0-86FE-94C34B490A36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC7A9678-01AD-4CCE-BD3E-DD0FDD7E246A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CF03844-5ECE-4738-9DD3-E7F690679A06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD0989BA-DEBC-4B45-AC3A-F2033C17B93A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F97A345D-4024-4C48-A7C5-BF2F13D3B2BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1DCF8439-B259-43FE-B797-57C2D62A35E5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E265840-94AC-4462-853D-29098B2CD746" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "624349A3-DAD6-4C93-A694-AB4CDC0F00EC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7E3CAB2-09FB-459E-8219-66283C59B6CF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9937F60D-3325-41F8-8F7D-99C1A07016F9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_712:-:*:*:*:*:*:*:*", - "matchCriteriaId": "263C29D6-25C1-4B30-AD96-AF9AEC5B7745" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_712_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4265281-9F77-48CC-80D8-4BE3743C10B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5E87C169-AC6C-41FB-878C-748517AB40BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EDCFF2B-1713-46E2-AA4A-419FB63ED8A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E726FE28-3CEB-48DC-8C4E-7DB56D9567C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CB628D4-566E-454D-B2B9-04A5533C6737" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6A01340-72E8-4811-A24A-D359C8B63611" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B7A5B684-09BB-4DD0-9F16-D3761EA37D34" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8C1A76A-AD97-4A08-B45A-F9994D5455DE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E07087B-C0E3-431E-A03A-0255B3EC73A3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1DF0CA5-9874-4C25-8357-7E5D9AABACD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D5549F-053A-4EF0-BB43-CAD84E0BBF98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8D5607-F0BC-46C9-A94F-1D28EE5A3F0E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17D19361-1C7D-44F2-B007-36097947B352" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B52D8884-D1E4-45F7-86F6-D882DF099611" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F4659B0-547B-4492-9338-90B45B0462FC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9D188A-2029-431E-A225-302C7795B891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0D216C8-92CF-4C54-8D44-5E1BBAB76C92" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "047C3F2B-1DC5-47AD-B802-465F30CB690C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4623586A-DD0F-4735-A997-DCDC4AF116BA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38BAAAA9-4133-47FB-BA30-33DA4B3390B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_gen_2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FE39066-D0E2-4E7A-AF00-D588FCE47472" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87D8DD02-AAAB-4EAE-BB23-C8DA64A2ADF4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4034D942-52BC-4DEB-93CD-AF7CDC30C5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D712ED25-1364-40C4-94F8-DC18D1DDCC66" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FE45292-C833-4461-97CE-6A039A29901D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C36C7F9-2C63-46A0-A8B7-AB6225229255" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96F9FBC6-940E-41CF-B524-63EAF8642C1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA1D0BD4-DF9A-41DC-8A96-E021F0A72102" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8504D30-86B4-4613-82FF-9BE57F0BA5A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B5501670-56E2-48B6-ACFC-67F908D5ECCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3AB9254-8202-411C-9700-C2739D9C317C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06165461-2AA0-4306-8F72-C8F6A9D5113A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D95A0D7F-8A18-46A1-B420-2DF65E03B60C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47D193F3-8369-4253-B46A-07DC2D4CC19D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCAFB57B-87C0-45EA-9F8D-1818AF187D35" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "158F6ED7-FB30-47BF-BDAE-91BED7A58157" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89A06BE0-4F54-4591-836D-4D70D9976BBE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "749493D0-876B-4E7D-BF45-E3ABD0ADCA1C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2B049975-50D3-447D-B366-D85ABE844498" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0FFF6A9-EBCB-48DE-B0D6-2DC8E480EF0F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C451B414-B21F-4D91-AF5F-CAD8A8CCA4D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7311E7E8-38D2-439A-8F3E-7BCAE5A0317C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "91BF9C64-BA4F-42F4-9968-02E2A074D9F8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED623126-9BE8-441A-8F5D-397F588FFC48" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A55B55F-D25A-455D-8CC2-415A677393F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDDA8319-911D-4689-A28B-AD70EBB23BB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E3EAFB7-3581-45F8-81F6-3EBFDD12D842" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C33CAF7D-F810-41D3-9BFE-C61E7758CE84" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B4BAC93-2C2A-4A73-A652-CD6B2F608CDD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8E976A6-4785-4F88-9035-0F6F0509A642" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16204302-0B17-4759-A4C8-E8B0301BBCAB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF49BC31-A332-4B9A-A826-F63116D7029F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DD3C245-D5F8-4145-8CDF-F635D2C8F088" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28565", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.000", - "lastModified": "2024-04-12T17:17:07.970", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while handling command streams through WMI interfaces." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL al manejar flujos de comandos a través de interfaces WMI. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:9205_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA1C725-EA2C-488F-AAAC-2781095AC134" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:9205_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CB62156B-B4B6-42C7-9AE8-4FF40F735C1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEDA6CA-A0FD-4A72-B856-C8E65AC86902" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D29295A-7183-46BE-B4EE-F891D1C17ED9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDCB8499-A096-4633-8506-63C0A227A958" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8064au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BEE2C7C3-E928-4466-B537-0D1826E2223C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9A4CAA77-CC4D-49CF-9696-6C2542B31415" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E19E8B60-4C5C-4D1C-B9F0-AB1FC1F58949" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8092_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8D0C2A-3444-45EA-81BC-F72BE9D2F0FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8092:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B678CB4A-A4B4-45AF-9218-AFC30A5B71ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8094_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83BCBAD4-F51F-43E8-8865-C07B47EA6417" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8094:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20239319-ACA6-4249-815D-C10D5E39A16A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar7420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C83C4477-A329-4DC4-A2B4-6475B41DADAD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar7420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "24715D16-FBEC-4730-B644-17D36126BEBE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:home_hub_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EFFEA50-D8F0-49DB-AF22-EBC2DA8C634D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:home_hub_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D57A69BF-7FBF-4519-94DA-A2C1766B48EC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C7CEC6E-D316-4A89-BB58-003C2E3369FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA5A801F-F95E-4E6F-AE6A-9F3D112FA69C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "779827C5-93CF-45BE-827C-F8B4443AE302" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30EB0454-57C1-4054-BB62-ADC31817D254" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7FCC903-A4B0-4462-9D1D-9B7B767D4607" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1725FFF-665F-4569-996C-31A0BB094D4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87655E53-09B3-4BC0-8BB4-1E4F0FFAE15F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA1B1C6F-9195-4B94-9AAB-7E3EA6275F62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm8215_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF497A07-F1EA-4A4F-A02F-CE22B148ED5A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm8215:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53F4B19E-78D9-4721-BF1E-C0330888EE75" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9215_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C5FE07E-B7E2-4201-8D8C-322B7A3CD12E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9215:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF064C7D-4BB8-419E-A9A2-DD75CD31FE62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA44E1D7-C4B5-4A1C-8D89-C080856104EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "268F94E5-15A2-4BCA-BE1B-0B6A7179B9C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A56C8CC4-304F-494A-B794-F7ED242F7773" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AF11BFFD-C16A-4999-9497-6D89B8F9A9D3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71E28EA6-0683-4755-8ABB-7F37DA810E4F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4DF4D4E-CDAA-42BB-802E-2722E7F3DBC2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADC6FBEE-D2FA-4660-A078-D6CE2097653D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6BD8A1C-D9AB-4BE7-A855-31E58631879C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FD1C359-C79B-4CE8-A192-5AA34D0BF05B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716B747E-672C-4B95-9D8E-1262338E67EA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65E5C59A-ABCF-4F62-8C6D-ECDACDAA83C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9645:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F8F856B-70D7-4A1A-8257-90AAAE62CD6F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35B7E25E-FA92-4C36-883C-CFF36F4B3507" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECD99C6F-2444-4A5E-A517-0C8023DDF23D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC941093-1A7C-47B2-AB3B-05AE4AE2FBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A2AA834-C17C-4E0E-A510-795818041E47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1463FF90-D687-40C2-A82D-EEAAF65BB959" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCA53E77-4B7F-4416-9418-7028C26A94C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D00F3FE8-83F3-46E4-9DD9-8A716E24C226" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9136B88F-3C3D-471F-8589-CA0BA4473B4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFB39496-8699-4DAF-BD7B-AE69260B20CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9CFBC24-5F15-40DE-806E-62C1EE808992" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F1CE4C-CAF8-4AB9-B44D-ADC2F2E7CF4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30C10881-C26D-452D-A2D1-8617C2709D60" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "718EC520-2DFA-4787-AF4E-C7E67B3F0C20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A299D61-FA12-4CF6-B681-F58F16A879CB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4531_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A13DB5D-38AC-4E50-A279-130AF24256E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4531:-:*:*:*:*:*:*:*", - "matchCriteriaId": "90A67611-CA55-4039-B4B5-AB87CD6CEA17" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0814A50-D8E6-42BD-A0A3-0768A3E28F53" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D2AD8F5C-1FEB-45C2-BC8F-123C2BEB0EA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08811FE5-AEF1-4D3C-8916-DABB7969BA93" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6175a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8A94CD9-E084-4772-B173-91B6A0F46291" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00FE294D-4BE0-4436-9273-507E760884EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424CB795-58E5-43A4-A2EC-C563D93C5E72" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CFB656-804A-453C-A39B-1B08C0A16BB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F0C9ED5-27E3-48EC-9A05-862715EE2034" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6694_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "564DEF62-F4F2-434D-8F82-2C91881E50C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6694:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD919B8-209D-4FA2-83AE-172EAA8BF5FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D4F8296-D8D0-42C6-AAD2-24DA0DB403D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EC7373-E5F3-4D2B-B727-CAEE772B74BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7520_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC1E2E17-2A9C-4A53-A3AB-719367670DC5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7520:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEAB907B-E683-4002-A2D0-5ADF13456514" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F53C35F5-BD5F-4B4B-87EF-08CF137D3165" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4AA0D5E0-9F4E-48DD-8ACE-94A77ABD46FE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2AD0E09B-92EC-4974-BC5F-66C3AAF586B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FBA48AB-85F4-4D6C-B811-87756B80FFB8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25565FDA-651D-4A05-8B1E-2188B6921253" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8D49750-BBEA-4A3D-9898-28B7A50A7F42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9531_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E71452E6-551F-4E93-9951-2582C60BDFCE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9531:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6D69FB0E-FDFF-42B8-ADAD-797B7C91E979" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9558_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2A974EE-8003-4482-BC09-F7C24AB20267" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9558:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C6F2B1C1-8267-43EA-B3FA-314A588F4A6A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9561_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8256ECFF-0CC0-4EB4-9B6D-BAA697CC739B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9561:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66B8E884-7D65-4EF9-BB56-FD8EDD7075F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9563_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5DCC558-4298-4D86-BC40-45B03DC9C823" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9563:-:*:*:*:*:*:*:*", - "matchCriteriaId": "979B7BE3-AB01-4CE7-BF10-E78A459B7D08" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F81D132-B2DD-4D09-8561-21A2CFBCC9FA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F099A893-232B-48FB-81B3-F01AF2A19426" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9882_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF5BF57-BA27-4845-956D-39ED5FBADE6A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9882:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BFE4A19-B8BD-44F8-8AF0-689E497A271B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9887_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35BE591A-1EAE-4067-810E-D4A37F6187C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9887:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2190E138-0C63-49F7-815B-1B7E6C2C4C67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9896_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF20788-8BD1-449B-9F2C-1DB7ECB34716" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9896:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B9B35C6E-8800-4E32-8D60-28173DDCDF72" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9982_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "32B9AE1B-0E97-4A38-B33D-6EB9DC67B158" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9982:-:*:*:*:*:*:*:*", - "matchCriteriaId": "684FC997-B2E2-4DF3-85ED-A8F8C986FD2B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9987_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77057B7D-E70A-4F74-A141-14B0DD798247" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9987:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0B7DFC6-5D6A-4B73-B5F8-6C2073E0EBE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C28EFD61-4B64-4431-984B-6452AB666F6A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA53BCE6-C862-4024-8C7C-136AE6362A03" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn3018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D7BE08E-3B98-40CD-97F8-F504AC05E4DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn3018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D25267-A4DC-40B7-9C56-93312C50E359" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0405CBFB-AD0E-45F8-ADDA-60D2BF7486C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08F4DD2E-C887-424C-B931-CBB9B402726E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5501_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11C220DD-E4BE-4D3E-9FED-3F3B6C4C3803" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5501:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F01CAF9-EEFD-4FFA-A44D-7399C117BF6F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5502_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D33E62D2-931E-465C-BC8E-71FB36CF6E36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5502:-:*:*:*:*:*:*:*", - "matchCriteriaId": "254F1AB0-C21A-41A6-9B9B-ED074A4C9EBD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A436BB-212C-4419-A0C7-03C0E04BD582" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AF4B33B-223D-45F5-8168-3D2232E11663" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qfe1922_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB11E143-E871-42D7-8B8B-A0CB9D33EC63" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qfe1922:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B46CE16F-74E6-4B6C-9423-0634D54EC9AC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qfe1952_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DD24EC7-16C3-4192-96A7-4F820C9531FC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qfe1952:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C3739CB-D4FE-4247-A32C-4641741DCF0C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B2D4B026-2118-448D-A48D-36864DE715B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5ED10480-E005-452C-A03C-D669CE94ABE4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:robotics_rb3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01264215-1B23-4406-B5A2-2C0A7B4E9937" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:robotics_rb3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F67FE29B-D218-4B32-B881-79262BD6BFA1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8D28764-EF4F-4FB3-B936-B42397450EFD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7964A762-467B-47D7-865F-30D48A0AE47C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BC508C49-0B76-43A8-B2AF-0F8EB989E238" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9665200-D306-4EEB-9F42-6C5963524179" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd821_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4A54F4A3-19E3-4825-98C7-DA632D692A06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:*", - "matchCriteriaId": "028CD81A-0D9D-40B0-9E2F-DC8689607B24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4079EC4E-ACCF-4BC4-BC3F-D7951C4B6496" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx20m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5765D9F4-4090-4470-A90A-7E72A50881AF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB60C259-9FA1-41E0-BE4C-8D073A202E77" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5805AC43-57A8-4E29-B09C-E9FFA96C76B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF7A6EE4-D951-480F-8F68-D49983C911D6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FD155BC-1157-4DEA-940A-FB8BD117D4C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C57BEA9E-2DAD-47E5-9777-DF835C83FC89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "67E8D5A1-0C4F-4ADE-902E-1768F9C84EDA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4DA61D9-00F0-44AE-9821-41C730D85CA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "312DFB2A-E115-487A-AABE-BBAC057AFA73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04DAFFC1-9038-4CEB-B181-C555BC0A3CF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70A8B62B-DA3A-416E-96D8-4E5AAD197631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BE024DC-38BD-4AD5-8505-C3218C5FCF06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5F6C78C-33F5-40D8-9D2C-52D0FEC6DCA8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B2E368C7-0696-466E-9FAC-0C9A58275787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FBF4F78-DCD9-4554-85F2-540979546ED7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F32168D9-3A1C-40FD-BD46-941D5A1F02EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20F4EB92-9FD7-4FD9-9FDE-A48D7AF83510" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_652_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F5097FB-0487-4A4F-B99E-E52CFD9906D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_652:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7578B00-89BA-48FF-978B-6F89569CACA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FF33DF89-CD83-4003-B3E2-F399A61B71AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D84D667-1939-4891-87E3-F8A77433252E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECA86357-66BD-4356-87DF-5AF445BC8DF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88C87768-9D47-4C92-BF01-743F572C3F10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_665_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B6A9E9-F392-4F44-AC5D-00331C10F038" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_665:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F4971876-4B11-4A7A-A461-424846F7DDC1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6D675A8D-0FB3-4B2F-9D60-0DBB521820D5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C1E4FC24-7BB8-4E16-8ADA-C54FE94C2CE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6976CA-9019-4B8A-84B1-58F73A0E2673" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B11CD214-B46D-43A9-A170-CBC40BFED199" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FDD354-0044-4BD2-B1B9-B89BE040070D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52CFA50A-F846-4C91-83ED-B52B8B5C9781" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7C981FE-CD14-4DA0-86FE-94C34B490A36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC7A9678-01AD-4CCE-BD3E-DD0FDD7E246A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD0989BA-DEBC-4B45-AC3A-F2033C17B93A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CF03844-5ECE-4738-9DD3-E7F690679A06" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1DCF8439-B259-43FE-B797-57C2D62A35E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F97A345D-4024-4C48-A7C5-BF2F13D3B2BE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "624349A3-DAD6-4C93-A694-AB4CDC0F00EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E265840-94AC-4462-853D-29098B2CD746" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9937F60D-3325-41F8-8F7D-99C1A07016F9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7E3CAB2-09FB-459E-8219-66283C59B6CF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_712_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4265281-9F77-48CC-80D8-4BE3743C10B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_712:-:*:*:*:*:*:*:*", - "matchCriteriaId": "263C29D6-25C1-4B30-AD96-AF9AEC5B7745" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EDCFF2B-1713-46E2-AA4A-419FB63ED8A0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5E87C169-AC6C-41FB-878C-748517AB40BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CB628D4-566E-454D-B2B9-04A5533C6737" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E726FE28-3CEB-48DC-8C4E-7DB56D9567C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B7A5B684-09BB-4DD0-9F16-D3761EA37D34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6A01340-72E8-4811-A24A-D359C8B63611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8C1A76A-AD97-4A08-B45A-F9994D5455DE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E07087B-C0E3-431E-A03A-0255B3EC73A3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1DF0CA5-9874-4C25-8357-7E5D9AABACD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D5549F-053A-4EF0-BB43-CAD84E0BBF98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8D5607-F0BC-46C9-A94F-1D28EE5A3F0E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17D19361-1C7D-44F2-B007-36097947B352" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F4659B0-547B-4492-9338-90B45B0462FC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B52D8884-D1E4-45F7-86F6-D882DF099611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9D188A-2029-431E-A225-302C7795B891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0D216C8-92CF-4C54-8D44-5E1BBAB76C92" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_compute_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B80BE46-13C8-4AA5-8C39-865603713F8B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_compute:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5489E441-7C58-4B0F-B878-9060ABE05D9E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38BAAAA9-4133-47FB-BA30-33DA4B3390B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_gen_2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FE39066-D0E2-4E7A-AF00-D588FCE47472" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_808_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B75598E-04F0-4D7F-8C95-38F0442FB62A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_808:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D173FDC9-3BAD-42DC-968C-2940992D7C95" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FC590CEC-44EC-48C1-BA00-75A93543FDFA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF175DC4-CB3C-4953-845C-04929DFDA174" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87D8DD02-AAAB-4EAE-BB23-C8DA64A2ADF4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4034D942-52BC-4DEB-93CD-AF7CDC30C5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87D8DD02-AAAB-4EAE-BB23-C8DA64A2ADF4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4034D942-52BC-4DEB-93CD-AF7CDC30C5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_821_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FAB51A7-FDFB-4B5F-960D-5442F2CCC56F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_821:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C56BAC-2AB2-4586-B677-20620CE52CDE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D712ED25-1364-40C4-94F8-DC18D1DDCC66" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FE45292-C833-4461-97CE-6A039A29901D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C36C7F9-2C63-46A0-A8B7-AB6225229255" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96F9FBC6-940E-41CF-B524-63EAF8642C1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA1D0BD4-DF9A-41DC-8A96-E021F0A72102" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8504D30-86B4-4613-82FF-9BE57F0BA5A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B5501670-56E2-48B6-ACFC-67F908D5ECCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3AB9254-8202-411C-9700-C2739D9C317C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06165461-2AA0-4306-8F72-C8F6A9D5113A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D95A0D7F-8A18-46A1-B420-2DF65E03B60C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47D193F3-8369-4253-B46A-07DC2D4CC19D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCAFB57B-87C0-45EA-9F8D-1818AF187D35" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "158F6ED7-FB30-47BF-BDAE-91BED7A58157" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89A06BE0-4F54-4591-836D-4D70D9976BBE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_1300_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8571A7EB-7BF1-4613-8CCB-667995115FC0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_1300:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2AE7E6EB-E3E7-45FB-AA7B-29937C21D116" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x12_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD477FCB-4FDE-43AD-8CA9-E64D8C95F8E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x12_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A717FE-A546-4AC9-973F-7CB4AB7F766E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x20_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D2E3E2AE-E933-4230-8E12-5FD378A33284" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x20_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2AFFA75-3E6D-46FB-A5DC-27D1E0A3A8B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x24_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16777702-41D2-40FC-9DF5-611E69A68E7F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x24_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C798979-4CF2-4D18-B785-4EA87563A45C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "03F7EED4-ACB6-4874-8849-D8B43373DC2A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x5_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "727E9B7F-99DE-4862-8BC6-5E72EA50EBB4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9C56B06-3D58-4720-835F-103C404D109E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80CF44A8-24C9-4625-B538-93721C348438" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50081C21-0E3C-451C-B5D9-BFA6763FC92A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D443BF-15A5-4984-972B-0BC5BEDC835B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED623126-9BE8-441A-8F5D-397F588FFC48" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A55B55F-D25A-455D-8CC2-415A677393F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDDA8319-911D-4689-A28B-AD70EBB23BB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E3EAFB7-3581-45F8-81F6-3EBFDD12D842" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C33CAF7D-F810-41D3-9BFE-C61E7758CE84" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B4BAC93-2C2A-4A73-A652-CD6B2F608CDD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8E976A6-4785-4F88-9035-0F6F0509A642" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16204302-0B17-4759-A4C8-E8B0301BBCAB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FC012AD0-BCEE-4B1E-9B15-5D77D78CEA01" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F51C69B9-F0AB-4BF5-A8C2-64FEB7075593" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43A90019-4E96-40B5-9E4D-CCBDD51ACA34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9590EF1F-E821-4525-943B-4A315ACAEFFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A7D32B3-325E-4B1F-8649-3D0071396BBA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF49BC31-A332-4B9A-A826-F63116D7029F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DD3C245-D5F8-4145-8CDF-F635D2C8F088" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28567", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.083", - "lastModified": "2024-04-12T17:17:08.633", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while handling command through WMI interfaces." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL al manejar flujos de comandos a través de interfaces WMI." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:315_5g_iot_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DD55C5-DDF3-4C9E-9084-694543AEFB4E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:315_5g_iot:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00E63554-F1C6-4241-B7B8-00C889ADB35E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD5C60F1-5B7F-4AB0-9863-720A1972563E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C43A4F08-1E8A-4CEF-8E61-4152ED78E600" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C7CEC6E-D316-4A89-BB58-003C2E3369FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA5A801F-F95E-4E6F-AE6A-9F3D112FA69C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "779827C5-93CF-45BE-827C-F8B4443AE302" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30EB0454-57C1-4054-BB62-ADC31817D254" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7FCC903-A4B0-4462-9D1D-9B7B767D4607" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1725FFF-665F-4569-996C-31A0BB094D4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87655E53-09B3-4BC0-8BB4-1E4F0FFAE15F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA1B1C6F-9195-4B94-9AAB-7E3EA6275F62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94CB547F-0078-47CD-B511-06DE96882D5A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA679375-BB14-4B24-8AD9-B2BFBACE2FDB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9B58B4E-86B7-4EB2-B78A-5E35FBA4A4FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:pmp8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF03806-39CD-4B54-BA5C-D1C808E46621" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca7500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D4F8296-D8D0-42C6-AAD2-24DA0DB403D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca7500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "14EC7373-E5F3-4D2B-B727-CAEE772B74BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4012FC-F0D9-41DE-BC2A-FBDD1B212540" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B16C4C53-F8BA-48D2-A7EE-90A06499722D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F81D132-B2DD-4D09-8561-21A2CFBCC9FA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F099A893-232B-48FB-81B3-F01AF2A19426" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AB1F0FA-25F3-4304-A3BC-5264E55CC092" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "214A053F-D80C-4AD9-B4F1-83384095A3F3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C7FFB96-53E7-41A2-BC99-7ACD853214A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74EBA77E-69A5-4145-9BEC-CD39BA132309" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0405CBFB-AD0E-45F8-ADDA-60D2BF7486C0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08F4DD2E-C887-424C-B931-CBB9B402726E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A0A436BB-212C-4419-A0C7-03C0E04BD582" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AF4B33B-223D-45F5-8168-3D2232E11663" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4730B8E7-C884-4AFA-ACB5-D0F39A993D18" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98CB565F-FE4A-4B52-96CB-AA769E985230" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6102_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C37D96A3-0466-4FC4-9E56-35B55C3FA970" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6102:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D55BAB4-2AC5-419C-B405-C1AA022DAA24" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6300827E-F6F0-490B-8043-38DD415E3161" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58F6B4C5-2C26-4A13-BA10-5B70805AD8B6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9001_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E02C2FD8-3434-4407-99E3-EE1779C18117" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9001:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC3468C1-CF50-4ED2-BD91-D1D140653CFC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9002_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6694BAC2-6E3B-4589-8BEA-6B5219267D19" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9002:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF54E749-D512-45DE-841D-6199623C7099" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9003_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6128C715-8085-47A8-9EE3-F8C67FC1236B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9003:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73B9F6F0-2F3A-4A4E-91A1-39EE598E22A5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93CDB7BC-89F2-4482-B8E3-9DDBD918C851" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76E03AE9-2485-449B-BCFD-3E452BB01FC6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06789CB9-E6FA-400D-90B6-C2DB6C8EF153" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFCB9F22-57F2-4327-95B9-B2342A02E45E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CDDD37F-4C3A-4955-9AFB-7774021A0198" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D13E375-0562-4263-8452-53E117F14E83" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:robotics_rb3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01264215-1B23-4406-B5A2-2C0A7B4E9937" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:robotics_rb3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F67FE29B-D218-4B32-B881-79262BD6BFA1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:robotics_rb5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71CFA659-DE2C-4AA0-8AAD-75033B2F4663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:robotics_rb5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C3E952A-9CA6-4A41-820C-9756B453DECF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3EF9964-D615-473E-A289-8A01D91D87AA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_455:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C177163-B6E6-42D8-8969-C2F9832C6701" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D1A7C-537F-458B-BA56-A11F95E36EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*", - "matchCriteriaId": "716DEC4D-D854-44CD-8A14-AA5AFD96809E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52036768-810C-40C2-9213-8397A4073703" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AB22C-54EA-4D61-B6F9-7BC45820D29E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7BE7001-5539-4C5E-A064-6E62023803AE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06661DAC-5D22-433E-B5EC-486931E265B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B93301-AFE8-409B-A8C8-6754BE5A0C14" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B185412C-177F-48E2-87F9-1269E0FB8E31" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF7A6EE4-D951-480F-8F68-D49983C911D6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FD155BC-1157-4DEA-940A-FB8BD117D4C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C57BEA9E-2DAD-47E5-9777-DF835C83FC89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "67E8D5A1-0C4F-4ADE-902E-1768F9C84EDA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_460_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4DA61D9-00F0-44AE-9821-41C730D85CA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_460:-:*:*:*:*:*:*:*", - "matchCriteriaId": "312DFB2A-E115-487A-AABE-BBAC057AFA73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04DAFFC1-9038-4CEB-B181-C555BC0A3CF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70A8B62B-DA3A-416E-96D8-4E5AAD197631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BE024DC-38BD-4AD5-8505-C3218C5FCF06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5F6C78C-33F5-40D8-9D2C-52D0FEC6DCA8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B2E368C7-0696-466E-9FAC-0C9A58275787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FBF4F78-DCD9-4554-85F2-540979546ED7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F32168D9-3A1C-40FD-BD46-941D5A1F02EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20F4EB92-9FD7-4FD9-9FDE-A48D7AF83510" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FF33DF89-CD83-4003-B3E2-F399A61B71AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D84D667-1939-4891-87E3-F8A77433252E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_662_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECA86357-66BD-4356-87DF-5AF445BC8DF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_662:-:*:*:*:*:*:*:*", - "matchCriteriaId": "88C87768-9D47-4C92-BF01-743F572C3F10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_665_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B6A9E9-F392-4F44-AC5D-00331C10F038" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_665:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F4971876-4B11-4A7A-A461-424846F7DDC1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6D675A8D-0FB3-4B2F-9D60-0DBB521820D5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C1E4FC24-7BB8-4E16-8ADA-C54FE94C2CE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6976CA-9019-4B8A-84B1-58F73A0E2673" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B11CD214-B46D-43A9-A170-CBC40BFED199" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FDD354-0044-4BD2-B1B9-B89BE040070D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52CFA50A-F846-4C91-83ED-B52B8B5C9781" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7C981FE-CD14-4DA0-86FE-94C34B490A36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC7A9678-01AD-4CCE-BD3E-DD0FDD7E246A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD0989BA-DEBC-4B45-AC3A-F2033C17B93A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CF03844-5ECE-4738-9DD3-E7F690679A06" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1DCF8439-B259-43FE-B797-57C2D62A35E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F97A345D-4024-4C48-A7C5-BF2F13D3B2BE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "624349A3-DAD6-4C93-A694-AB4CDC0F00EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E265840-94AC-4462-853D-29098B2CD746" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9937F60D-3325-41F8-8F7D-99C1A07016F9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7E3CAB2-09FB-459E-8219-66283C59B6CF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_712_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4265281-9F77-48CC-80D8-4BE3743C10B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_712:-:*:*:*:*:*:*:*", - "matchCriteriaId": "263C29D6-25C1-4B30-AD96-AF9AEC5B7745" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EDCFF2B-1713-46E2-AA4A-419FB63ED8A0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5E87C169-AC6C-41FB-878C-748517AB40BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CB628D4-566E-454D-B2B9-04A5533C6737" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E726FE28-3CEB-48DC-8C4E-7DB56D9567C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B7A5B684-09BB-4DD0-9F16-D3761EA37D34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6A01340-72E8-4811-A24A-D359C8B63611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8C1A76A-AD97-4A08-B45A-F9994D5455DE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E07087B-C0E3-431E-A03A-0255B3EC73A3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1DF0CA5-9874-4C25-8357-7E5D9AABACD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D5549F-053A-4EF0-BB43-CAD84E0BBF98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8D5607-F0BC-46C9-A94F-1D28EE5A3F0E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17D19361-1C7D-44F2-B007-36097947B352" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F4659B0-547B-4492-9338-90B45B0462FC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B52D8884-D1E4-45F7-86F6-D882DF099611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9D188A-2029-431E-A225-302C7795B891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0D216C8-92CF-4C54-8D44-5E1BBAB76C92" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB958799-6C95-4066-A564-2440B94EA064" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AEA9DD8-681B-48A9-A2E9-8F81DA4C5276" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "60CB441C-DCC6-4AF9-B3E6-6DE6305D3AAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44884D15-3D35-4D97-BEFE-995C573F12E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "481E3382-E1DB-45A6-9FF7-B86712DFBF0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF847CB8-B3E7-4371-B531-BA82B686AA1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_782g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D264E36-5E39-4ABD-B05D-153C852CE40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_782g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80322365-61A2-4B55-932E-F2B678F8C3C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "047C3F2B-1DC5-47AD-B802-465F30CB690C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4623586A-DD0F-4735-A997-DCDC4AF116BA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "047C3F2B-1DC5-47AD-B802-465F30CB690C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4623586A-DD0F-4735-A997-DCDC4AF116BA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9749871B-A555-4FAA-82F8-E46B95AC0F25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0318A41-2E92-4C83-BB9D-68BC68E574BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7504F41-E4C8-4C43-AA65-C7F67C01E105" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5435FC83-8EA3-4F96-B109-4A6DC9CF952B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D712ED25-1364-40C4-94F8-DC18D1DDCC66" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FE45292-C833-4461-97CE-6A039A29901D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_845_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3C36C7F9-2C63-46A0-A8B7-AB6225229255" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_845:-:*:*:*:*:*:*:*", - "matchCriteriaId": "96F9FBC6-940E-41CF-B524-63EAF8642C1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA1D0BD4-DF9A-41DC-8A96-E021F0A72102" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8504D30-86B4-4613-82FF-9BE57F0BA5A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B5501670-56E2-48B6-ACFC-67F908D5ECCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3AB9254-8202-411C-9700-C2739D9C317C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06165461-2AA0-4306-8F72-C8F6A9D5113A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D95A0D7F-8A18-46A1-B420-2DF65E03B60C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47D193F3-8369-4253-B46A-07DC2D4CC19D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCAFB57B-87C0-45EA-9F8D-1818AF187D35" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "713B1CB7-985F-49F4-A5A7-23DFD0F4EA04" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D7467AE-2EC2-4D9C-9D9C-83BAE7AE48CD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F15FC88-6366-4210-A949-75A3890476B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711C5A1C-F67B-4BE2-BFE7-C86E716F85E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D89373-04BA-4DD4-A0D0-A45AF93FA7AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE485ADB-9A68-41AE-BBA8-242AC27263DD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4DB133AD-4616-4B0E-82D3-6F579F871D84" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C5C49373-6BDA-4465-B2A3-D0E9C29452BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C520263-AE1E-42FF-8F93-9BB2ACC2882B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01316BA6-3E0F-470B-A675-6AC22D2E408D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD602832-D779-4A1E-9CE6-5E720FB1C509" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E162204-0481-4508-96A0-BCD8D9954E46" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-bb_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30FD02EE-E958-4189-AF2C-1691DABA7810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-bb:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C28135D-DA47-4815-9240-EEEE4D42A101" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7BB4A33E-6647-447E-BDA3-24246D49C5DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1046CC3E-FB12-4527-9978-DCC40EEE8938" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "158F6ED7-FB30-47BF-BDAE-91BED7A58157" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89A06BE0-4F54-4591-836D-4D70D9976BBE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9C56B06-3D58-4720-835F-103C404D109E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80CF44A8-24C9-4625-B538-93721C348438" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50081C21-0E3C-451C-B5D9-BFA6763FC92A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D443BF-15A5-4984-972B-0BC5BEDC835B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "193DA42A-82EE-4536-A4B4-B6ED03F0D0D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38044A2F-02C8-458A-AA28-42FE87ED6F8A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED623126-9BE8-441A-8F5D-397F588FFC48" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A55B55F-D25A-455D-8CC2-415A677393F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "665811D8-F648-4F32-A375-FAF9C9E928B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A537932-6EAD-411B-83FF-48CF050F603A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD779739-5919-43A9-B949-D1FB4A46FA11" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDA3083D-C664-45C7-98CD-E90223F887A8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDDA8319-911D-4689-A28B-AD70EBB23BB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E3EAFB7-3581-45F8-81F6-3EBFDD12D842" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_300_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C33CAF7D-F810-41D3-9BFE-C61E7758CE84" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_300:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B4BAC93-2C2A-4A73-A652-CD6B2F608CDD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8E976A6-4785-4F88-9035-0F6F0509A642" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16204302-0B17-4759-A4C8-E8B0301BBCAB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F0D7B24-D567-479A-B4F1-595FAA053418" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33A8FAA1-F824-4561-9CCC-7F0DF12F740F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3999_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF49BC31-A332-4B9A-A826-F63116D7029F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3999:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6DD3C245-D5F8-4145-8CDF-F635D2C8F088" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28573", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.167", - "lastModified": "2024-04-12T17:17:10.607", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN HAL while parsing WMI command parameters." - }, - { - "lang": "es", - "value": "Corrupción de memoria en WLAN HAL al analizar parámetros de comandos WMI." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-129" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:315_5g_iot_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DD55C5-DDF3-4C9E-9084-694543AEFB4E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:315_5g_iot:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00E63554-F1C6-4241-B7B8-00C889ADB35E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD5C60F1-5B7F-4AB0-9863-720A1972563E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C43A4F08-1E8A-4CEF-8E61-4152ED78E600" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C7CEC6E-D316-4A89-BB58-003C2E3369FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA5A801F-F95E-4E6F-AE6A-9F3D112FA69C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "779827C5-93CF-45BE-827C-F8B4443AE302" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30EB0454-57C1-4054-BB62-ADC31817D254" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7FCC903-A4B0-4462-9D1D-9B7B767D4607" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1725FFF-665F-4569-996C-31A0BB094D4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87655E53-09B3-4BC0-8BB4-1E4F0FFAE15F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA1B1C6F-9195-4B94-9AAB-7E3EA6275F62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA6FF982-7B4C-40F8-8A79-49CD234930DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071:-:*:*:*:*:*:*:*", - "matchCriteriaId": "77052755-6A86-4ED7-B45C-32F884D27C64" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83357A1C-633B-4814-ABB5-A8AC2AC12990" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C4A7555-7224-403A-9B7D-23D1622623B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "78A6F4F3-0CE3-4A02-B615-63E76C93ADC4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*", - "matchCriteriaId": "31D07608-80F7-44AA-BE91-1F97FC1CE313" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9B58B4E-86B7-4EB2-B78A-5E35FBA4A4FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:pmp8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF03806-39CD-4B54-BA5C-D1C808E46621" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B12B89EF-7B12-481E-BCBC-F12B9D16321A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797295C2-535C-46A9-A725-E1A5405F0436" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BFC575E-594E-4711-94B1-2DC8D03B9AC4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4012FC-F0D9-41DE-BC2A-FBDD1B212540" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B16C4C53-F8BA-48D2-A7EE-90A06499722D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98CB565F-FE4A-4B52-96CB-AA769E985230" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4730B8E7-C884-4AFA-ACB5-D0F39A993D18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6102:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D55BAB4-2AC5-419C-B405-C1AA022DAA24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6102_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C37D96A3-0466-4FC4-9E56-35B55C3FA970" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58F6B4C5-2C26-4A13-BA10-5B70805AD8B6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6300827E-F6F0-490B-8043-38DD415E3161" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9001:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC3468C1-CF50-4ED2-BD91-D1D140653CFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9001_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E02C2FD8-3434-4407-99E3-EE1779C18117" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9002:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF54E749-D512-45DE-841D-6199623C7099" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9002_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6694BAC2-6E3B-4589-8BEA-6B5219267D19" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9003:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73B9F6F0-2F3A-4A4E-91A1-39EE598E22A5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9003_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6128C715-8085-47A8-9EE3-F8C67FC1236B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CDDD37F-4C3A-4955-9AFB-7774021A0198" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D13E375-0562-4263-8452-53E117F14E83" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:robotics_rb5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71CFA659-DE2C-4AA0-8AAD-75033B2F4663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:robotics_rb5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C3E952A-9CA6-4A41-820C-9756B453DECF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB958799-6C95-4066-A564-2440B94EA064" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AEA9DD8-681B-48A9-A2E9-8F81DA4C5276" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "60CB441C-DCC6-4AF9-B3E6-6DE6305D3AAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44884D15-3D35-4D97-BEFE-995C573F12E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "481E3382-E1DB-45A6-9FF7-B86712DFBF0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF847CB8-B3E7-4371-B531-BA82B686AA1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_782g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D264E36-5E39-4ABD-B05D-153C852CE40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_782g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80322365-61A2-4B55-932E-F2B678F8C3C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9749871B-A555-4FAA-82F8-E46B95AC0F25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0318A41-2E92-4C83-BB9D-68BC68E574BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7504F41-E4C8-4C43-AA65-C7F67C01E105" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5435FC83-8EA3-4F96-B109-4A6DC9CF952B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "713B1CB7-985F-49F4-A5A7-23DFD0F4EA04" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D7467AE-2EC2-4D9C-9D9C-83BAE7AE48CD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F15FC88-6366-4210-A949-75A3890476B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711C5A1C-F67B-4BE2-BFE7-C86E716F85E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D89373-04BA-4DD4-A0D0-A45AF93FA7AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE485ADB-9A68-41AE-BBA8-242AC27263DD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4DB133AD-4616-4B0E-82D3-6F579F871D84" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C5C49373-6BDA-4465-B2A3-D0E9C29452BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C520263-AE1E-42FF-8F93-9BB2ACC2882B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01316BA6-3E0F-470B-A675-6AC22D2E408D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD602832-D779-4A1E-9CE6-5E720FB1C509" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E162204-0481-4508-96A0-BCD8D9954E46" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-bb_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30FD02EE-E958-4189-AF2C-1691DABA7810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-bb:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C28135D-DA47-4815-9240-EEEE4D42A101" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7BB4A33E-6647-447E-BDA3-24246D49C5DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1046CC3E-FB12-4527-9978-DCC40EEE8938" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50081C21-0E3C-451C-B5D9-BFA6763FC92A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D443BF-15A5-4984-972B-0BC5BEDC835B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "193DA42A-82EE-4536-A4B4-B6ED03F0D0D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38044A2F-02C8-458A-AA28-42FE87ED6F8A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "665811D8-F648-4F32-A375-FAF9C9E928B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A537932-6EAD-411B-83FF-48CF050F603A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD779739-5919-43A9-B949-D1FB4A46FA11" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDA3083D-C664-45C7-98CD-E90223F887A8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDDA8319-911D-4689-A28B-AD70EBB23BB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E3EAFB7-3581-45F8-81F6-3EBFDD12D842" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28581", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.247", - "lastModified": "2024-04-12T17:17:12.083", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE." - }, - { - "lang": "es", - "value": "Corrupción de la memoria en el WLAN Firmware mientras analiza claves GTK recibidas en GTK KDE." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-119" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "713B1CB7-985F-49F4-A5A7-23DFD0F4EA04" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D7467AE-2EC2-4D9C-9D9C-83BAE7AE48CD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F15FC88-6366-4210-A949-75A3890476B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711C5A1C-F67B-4BE2-BFE7-C86E716F85E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D89373-04BA-4DD4-A0D0-A45AF93FA7AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE485ADB-9A68-41AE-BBA8-242AC27263DD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7BB4A33E-6647-447E-BDA3-24246D49C5DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1046CC3E-FB12-4527-9978-DCC40EEE8938" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "665811D8-F648-4F32-A375-FAF9C9E928B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A537932-6EAD-411B-83FF-48CF050F603A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28584", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.323", - "lastModified": "2024-04-12T17:17:12.277", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA)." - }, - { - "lang": "es", - "value": "Un ataque de denegación de servicio (DOS) en WLAN host cuando una estación móvil recibe un canal no válido en CSA IE mientras realiza el anuncio de cambio de canal (CSA)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-285" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B12B89EF-7B12-481E-BCBC-F12B9D16321A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797295C2-535C-46A9-A725-E1A5405F0436" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BFC575E-594E-4711-94B1-2DC8D03B9AC4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm4450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F57DB5E-863C-4CA1-B7C0-DD8FCA50F835" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm4450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E3F3930-3C47-4A0D-ADC2-2641AE1CC02C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7C981FE-CD14-4DA0-86FE-94C34B490A36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC7A9678-01AD-4CCE-BD3E-DD0FDD7E246A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD0989BA-DEBC-4B45-AC3A-F2033C17B93A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CF03844-5ECE-4738-9DD3-E7F690679A06" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7504F41-E4C8-4C43-AA65-C7F67C01E105" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5435FC83-8EA3-4F96-B109-4A6DC9CF952B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D712ED25-1364-40C4-94F8-DC18D1DDCC66" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FE45292-C833-4461-97CE-6A039A29901D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B5501670-56E2-48B6-ACFC-67F908D5ECCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3AB9254-8202-411C-9700-C2739D9C317C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06165461-2AA0-4306-8F72-C8F6A9D5113A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D95A0D7F-8A18-46A1-B420-2DF65E03B60C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47D193F3-8369-4253-B46A-07DC2D4CC19D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCAFB57B-87C0-45EA-9F8D-1818AF187D35" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7BB4A33E-6647-447E-BDA3-24246D49C5DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1046CC3E-FB12-4527-9978-DCC40EEE8938" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDDA8319-911D-4689-A28B-AD70EBB23BB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E3EAFB7-3581-45F8-81F6-3EBFDD12D842" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-33015", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.407", - "lastModified": "2024-04-12T17:17:12.467", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame." - }, - { - "lang": "es", - "value": "Un ataque de denegación de servicio (DOS) en el firmware WLAN mientras interpreta MBSSID IE de un beacon frame recibido." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-126" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:315_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B0FA784-622C-4574-B8B1-7DF484E51C21" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:315_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9AC069C0-C60F-4AF8-8EEF-0959C5A52BEA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B032F871-3EC2-427D-A06F-681A58075925" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "73286FFB-C267-46B7-8FEF-C96534656AF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBF42F8-50BA-4172-A3A0-7FD1BA4B3ED3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD5C60F1-5B7F-4AB0-9863-720A1972563E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C43A4F08-1E8A-4CEF-8E61-4152ED78E600" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C7CEC6E-D316-4A89-BB58-003C2E3369FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA5A801F-F95E-4E6F-AE6A-9F3D112FA69C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "779827C5-93CF-45BE-827C-F8B4443AE302" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30EB0454-57C1-4054-BB62-ADC31817D254" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7FCC903-A4B0-4462-9D1D-9B7B767D4607" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1725FFF-665F-4569-996C-31A0BB094D4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87655E53-09B3-4BC0-8BB4-1E4F0FFAE15F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA1B1C6F-9195-4B94-9AAB-7E3EA6275F62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D65E62B-95CA-4229-A61B-F4FB70466B6E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1339CEEF-34C9-426E-864B-6C7B68E72CAA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3525CD2A-CE43-4B42-B8C2-9B19B2551214" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "010DBDB1-F1A3-4805-BDD2-84CBFA0A0BE1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq4029_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D21F293-B9C7-46CB-8D83-BEE27E899BC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq4029:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4BA4D00-D7B2-4152-BD82-E6F572655AF3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AC82552A-9E7C-4A13-B7A5-43CEA218675C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F37542D-35FD-4B15-8882-DD7543FF4E3D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A7A9919-4B34-4960-ADC7-04A176579B80" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3CB8796-7976-4077-BFF3-04DAEF5C8DDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E848E5C5-F6C6-4FA1-93A6-C7737D69BB15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C818E621-4286-485B-96E3-AB485F16BD8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87CFC07B-1F10-4AC8-85D8-5BE76FE35FB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C670A4C5-1F17-4F1E-91DC-A33A9BA8878A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ACC9F136-90A7-486F-AF2A-EC60125E5AF8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2914BF98-E69C-4C8D-8B10-759642ADD7B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2118C404-402F-463C-8160-3CC3B703DF30" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:pmp8074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9B58B4E-86B7-4EB2-B78A-5E35FBA4A4FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:pmp8074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EF03806-39CD-4B54-BA5C-D1C808E46621" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B12B89EF-7B12-481E-BCBC-F12B9D16321A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B3F80BD-90EA-4207-BCB2-5E5CE80B599A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AEB9196D-4EE0-4978-8A80-C21B5DC0CF21" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca1064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CBC2C38C-5D5F-49CB-8DF5-35974D13B40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca1064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "365FE873-2311-44B8-B699-4B2F3459B0B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2062_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "54C350AB-526B-4681-9C37-DD508EFFB143" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2062:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1ACBDBFC-796A-428E-9570-77E488FA1CB3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2064_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E73670B4-1055-4C65-AD34-EB978ABB19A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2064:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C774D66F-60C9-46B8-BE1D-B8D61EE5E844" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2065_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C68AE99-4C8C-43AE-94AA-82632FD2BBE4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2065:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E255A21F-EC50-436F-81D9-8B2AC56D9BCE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6366F2ED-C6B7-4579-B304-C5B6DF951EB4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09B688AF-E1A4-496C-924C-D6B725CBBE26" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966CDA56-809F-4FF4-909D-0DD92F44CF67" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C90747B4-2CC0-4816-A994-58E00F5ADA05" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6428_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B9382B5-AEB1-41E6-9F25-B0EDC95363C9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6428:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDFC0DFF-F13A-4804-890C-99AFA0C56D62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6438_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D7658D-692D-4873-8D41-7682E9ECAEB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6438:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB8993C2-1E06-4ACF-B1E8-A62D89EBF4A0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D001127D-8160-42F0-B8B9-2FAA2976B530" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9EB615F-FD4C-450B-AB25-E936FD9816C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797295C2-535C-46A9-A725-E1A5405F0436" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BFC575E-594E-4711-94B1-2DC8D03B9AC4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4012FC-F0D9-41DE-BC2A-FBDD1B212540" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B16C4C53-F8BA-48D2-A7EE-90A06499722D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "311229F9-4A32-462D-AE8D-E5E2B2C416CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A523C3F-FB62-4728-8173-4C117C28AC5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "49882EDE-598D-40B2-8A65-D258241E669F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1572D87-4EC2-4B95-826A-B03FDD4985AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCBC53AC-E040-40E0-B09B-4117E641C9D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AE49086-E95B-4852-8A09-16A83DD63EC9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93BA2DC9-5B4F-4F8F-8B3D-8DA01043B9BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA8880F-E513-4390-B839-C5D86E7A89EB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9985_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED6C33CE-635A-415F-9F4E-70E2D86A06D3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9985:-:*:*:*:*:*:*:*", - "matchCriteriaId": "124FF4F3-0490-4CB8-8689-5F0FA6D9230F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9986_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70DBC461-DFD7-419E-8241-B55913315D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9986:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4E9EC919-0F83-49F3-807B-CD4B27AAE741" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "991D9592-D61E-4777-8B59-EB004F09998E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "37A829C8-5BA3-4B13-9033-30FCD5B78B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8FB66C-5616-4C3A-9CAE-7610519ACA1A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:*", - "matchCriteriaId": "408C8494-E7D8-4F99-9B04-7E84A31C799B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD5B18AA-0699-4F21-9D3E-C45B071B4903" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DDC4C800-C9E3-4DB0-AE99-3F75D3660DEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DA506489-4338-44DF-8F92-12E60AF0048C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8718C37-A82A-4A08-A887-3F22B37601A9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B0F7D48A-7D06-46C5-A093-FAA12666A666" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*", - "matchCriteriaId": "58DF7FA9-72B4-454D-AED7-ED9531B118BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5054_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D6190FE-17A6-48CE-AA34-5DCF01362E9F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5054:-:*:*:*:*:*:*:*", - "matchCriteriaId": "09AB1C26-7ED2-431E-8EA4-8ACB16857A01" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C9D1966-30F0-414D-BE75-0A14B12A1457" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD28C87D-1D28-4C84-BFE4-56EE3BF2C6B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F466A5BD-1912-4811-9A93-81555F101D46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn7606:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F92914E-16F6-4A25-9FEF-FB7CB3377132" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1197E229-1E27-4CA3-A386-B77FAE5DFE1A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CDDD37F-4C3A-4955-9AFB-7774021A0198" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2D13E375-0562-4263-8452-53E117F14E83" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C194363-7FDE-43C9-B6FE-2BD6B474816F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8CC9433-6B33-4B9C-8EC3-BBBB43897E5C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1894F6B9-31DA-44E8-AA28-064F73EBEE8D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AA23845-D9F5-4035-8A93-F475D865586F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:robotics_rb5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71CFA659-DE2C-4AA0-8AAD-75033B2F4663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:robotics_rb5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C3E952A-9CA6-4A41-820C-9756B453DECF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x\\+sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C751ABFE-3B9B-472B-A10C-277270790D95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x\\+sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C819454D-D413-478A-B78D-CFF6994803A1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB958799-6C95-4066-A564-2440B94EA064" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AEA9DD8-681B-48A9-A2E9-8F81DA4C5276" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "60CB441C-DCC6-4AF9-B3E6-6DE6305D3AAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44884D15-3D35-4D97-BEFE-995C573F12E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "481E3382-E1DB-45A6-9FF7-B86712DFBF0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF847CB8-B3E7-4371-B531-BA82B686AA1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_782g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D264E36-5E39-4ABD-B05D-153C852CE40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_782g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80322365-61A2-4B55-932E-F2B678F8C3C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9749871B-A555-4FAA-82F8-E46B95AC0F25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0318A41-2E92-4C83-BB9D-68BC68E574BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7504F41-E4C8-4C43-AA65-C7F67C01E105" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5435FC83-8EA3-4F96-B109-4A6DC9CF952B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "713B1CB7-985F-49F4-A5A7-23DFD0F4EA04" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D7467AE-2EC2-4D9C-9D9C-83BAE7AE48CD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F15FC88-6366-4210-A949-75A3890476B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711C5A1C-F67B-4BE2-BFE7-C86E716F85E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D89373-04BA-4DD4-A0D0-A45AF93FA7AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE485ADB-9A68-41AE-BBA8-242AC27263DD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4DB133AD-4616-4B0E-82D3-6F579F871D84" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C5C49373-6BDA-4465-B2A3-D0E9C29452BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C520263-AE1E-42FF-8F93-9BB2ACC2882B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01316BA6-3E0F-470B-A675-6AC22D2E408D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2802A422-CCEA-4634-B164-09AC35C00C2F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8AB65F7E-6921-44AA-8B2C-C4814BD51A7F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ad_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E7EB4CA4-CEAF-4D8C-AE28-5373CC5E46D7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ad:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B12A03C-20D1-452A-99E6-BA94C02BA982" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89811F0E-0226-4657-B0E0-5C03FAAEE0AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD6A5576-6766-4E65-A8C1-7215DC0EC128" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797F1912-4F43-4CA6-83DA-620C4623CB94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419CEB14-21A1-4B9B-A2E7-C5F76FED07D8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61C77656-153F-4DA8-9C7C-BCAAFD25E0A7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DFDC9D5-81AB-4B4E-AB78-691B8A389C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3B7DFFD6-92C7-4042-BD8F-D3E6FDB7958C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "007B494C-4AAD-4E74-BD16-C62A643BC241" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-ac_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEC4BF9B-2B98-44FF-9B81-25C10AB71E24" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02C5409B-4D98-4F3D-9902-41A5394342C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180x-af_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B66319C-184B-4417-85D6-4F8AB51B578E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180x-af:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7C8DA78-9E96-4140-961F-B2BD80ACCE54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-aa_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53AE3110-9F78-45E8-BAD9-2C63ACD7489B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-aa:-:*:*:*:*:*:*:*", - "matchCriteriaId": "819D5879-EE22-4E6B-B401-D02F7FC68679" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8180xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6EBD06A6-7156-4363-AECB-6CA872008B54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8180xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFEBF216-405D-462B-9345-3146315F6744" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-ab_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD602832-D779-4A1E-9CE6-5E720FB1C509" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-ab:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E162204-0481-4508-96A0-BCD8D9954E46" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sc8280xp-bb_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30FD02EE-E958-4189-AF2C-1691DABA7810" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sc8280xp-bb:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C28135D-DA47-4815-9240-EEEE4D42A101" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7BB4A33E-6647-447E-BDA3-24246D49C5DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1046CC3E-FB12-4527-9978-DCC40EEE8938" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50081C21-0E3C-451C-B5D9-BFA6763FC92A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D443BF-15A5-4984-972B-0BC5BEDC835B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "193DA42A-82EE-4536-A4B4-B6ED03F0D0D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38044A2F-02C8-458A-AA28-42FE87ED6F8A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "665811D8-F648-4F32-A375-FAF9C9E928B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A537932-6EAD-411B-83FF-48CF050F603A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD779739-5919-43A9-B949-D1FB4A46FA11" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDA3083D-C664-45C7-98CD-E90223F887A8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDDA8319-911D-4689-A28B-AD70EBB23BB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E3EAFB7-3581-45F8-81F6-3EBFDD12D842" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D6C6B2-36DC-4D0D-AFF8-2108A090A78D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9360:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28FEB3B1-F641-436D-AC4F-3304C37167C4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-33016", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.487", - "lastModified": "2024-04-12T17:17:14.697", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in WLAN firmware while parsing MLO (multi-link operation)." - }, - { - "lang": "es", - "value": "Un ataque de denegación de servicio (DOS) en el firmware WLAN al analizar MLO (operación multienlace)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-126" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4CAA848-413D-4C63-823B-BFCE95C7740C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_214_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8C7CEC6E-D316-4A89-BB58-003C2E3369FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_214:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA5A801F-F95E-4E6F-AE6A-9F3D112FA69C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_216_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "779827C5-93CF-45BE-827C-F8B4443AE302" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_216:-:*:*:*:*:*:*:*", - "matchCriteriaId": "30EB0454-57C1-4054-BB62-ADC31817D254" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_316_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7FCC903-A4B0-4462-9D1D-9B7B767D4607" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_316:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1725FFF-665F-4569-996C-31A0BB094D4F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:immersive_home_318_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87655E53-09B3-4BC0-8BB4-1E4F0FFAE15F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:immersive_home_318:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA1B1C6F-9195-4B94-9AAB-7E3EA6275F62" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8543C671-054B-489F-ACFE-B7D7BEC1DEE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15C5F8CB-3291-4E13-94F0-680FC85A9669" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "825524E0-BB01-4CAD-9F65-95E096467D28" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA7A5C46-48BF-42A9-A477-A660C6D7B437" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDB79382-19D6-4A67-9013-7099A9C58829" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5CF970F-17AE-4C59-89A5-5B41A41E1DE0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B04589FF-F299-4EF6-A57B-1AD145372DBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FDC1ADAD-DA77-47EF-8DB9-C36961C560C2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06126F30-D081-4A11-92FB-4074A451FAF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2550040-CCC7-4B52-8D3E-7948B3E3C62B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711FC14F-4DED-4F90-9BA5-0036537E6DCF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "302F06C0-4835-4CD6-B745-BF7B704C3C86" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "623ED6A2-EE37-458E-BEFA-8BAD08256AE8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53449B68-4C58-4AEB-82B7-72726ADE0E2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E5DB9B-F388-49F3-ABD5-CE773FC4B045" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0137E60A-1869-479C-9B4B-378E5FCCBA1D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C7691C2-C4F8-4F23-9B5F-5E8FE0E2293E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BF2E50-E2A4-44FF-9748-ED96C0C1AB5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "966392A8-DD8E-4AA1-B407-5BF2D937139E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A211C022-8EDF-4B76-89D6-599812900446" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF245F8E-C056-4BEF-982E-9616F8C65CD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE302EF9-165F-47F9-B0D6-BE1E3D8C6C65" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A24951FD-C4AB-4988-A1DD-019412430AC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DF609C6C-CD50-423A-A75E-83C730296089" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8B35C18-9A01-41E1-8CE9-D8FA7E4A25ED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8890C528-C2A3-4148-A397-85B63FB920C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*", - "matchCriteriaId": "81494D75-1D4D-4DC5-AF67-F83FD562DBB9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BB84228-3083-4048-8E83-E1F30B537223" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB58F259-62BA-40B9-BD71-960F25D20BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0327D8C9-DD6B-4831-BBD4-2EE57A351493" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C866E83-23ED-495C-AA5A-0B01973674BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C359D1E7-6E0A-41B5-ABE5-B55598960700" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC8A5A87-7D62-4EB7-962A-0F160DE3E889" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B68D126-7F49-4FFA-8AF8-78120973D78E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBDA9657-7D30-41FD-8112-F53E6C69D53A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B9045A8-BA53-43C4-B24D-5EF320DE7A4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3D6E8939-AFA3-41AC-B811-BCC282A43106" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B87335A8-DC52-478E-B19F-0C4CC63132EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08E9E6CB-2216-4AF2-81C2-D482598298BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4774FAA6-6141-4B08-819C-58D4D9A2B69F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EF227702-EEFC-43CC-AC80-81EA6E4927E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE5DFEA5-EA29-40B6-83DB-883B276E8245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "728CCD27-ED06-49FD-AECD-9B0856813EDF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D181868-AE93-4116-B45F-81D94F537227" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "478B79F0-D257-41B2-965B-3E251A584D45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63965F19-033E-4755-B9CA-EF409EC339A3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "85740DB4-3B08-48A4-ACAF-7BBB2612009A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A0BD404-5EBA-4988-91B6-ECE8FCF4F041" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "290BFC8A-0D76-4BCD-B059-2DAFD368A10C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936A308A-92B9-468C-9BC6-8FD71C7C2315" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2908A543-EFE4-477D-9CF3-76534B2E6CF6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EAE1EBF-AD14-4C07-99B5-2547A5196B20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4829FF9-C0BA-4E40-A01A-3EF179462029" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0ED3ED74-C2D0-4A84-A2F8-392818E5CD20" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F1CA219-959D-481A-8622-69F1825832FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F6EAD64-D133-42C4-92ED-90C49938C0F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93E7ED58-C5A7-4F78-8233-750780CCAB16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6784EC5F-2C26-49C5-9A03-6FD2056C04EF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A988BD3-71D8-4F2B-9EC2-8E385B114114" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E7049A3-9F35-465F-9B2E-96788E54EC63" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A59FBBDC-0495-422C-B25A-FFDF94D33C34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6E55C06-45EE-4144-8CBC-4D41DDE4D899" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5BCCFF8B-4857-439D-BD4A-EB35672F474B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "86896D55-89F5-440B-9082-916E486B65D9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36A10EB2-E7A2-461F-836E-FC38B9428C98" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A457C1D6-A026-4B5F-9CB1-FA795785A515" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C10CAAC-FD93-4116-9F0C-E983B3693FAF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9FEC2402-BA39-49BB-A34C-FF32ED44A158" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "809FD84D-11C5-4EE3-B830-62CF5F6CB1BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD77A52-D53C-424F-9E17-160B710469C3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65303C2D-C6BF-47CB-8146-E240CB8BBE42" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6B03022-497A-4F42-BB4D-5624EA7DF1B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B31EEE9E-CDEC-4E88-B950-3413205E483E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E1E341A-7DDD-47E5-BB5F-0666482B41C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9129A244-AB8C-4AA4-BFBB-37F84D66BD3E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*", - "matchCriteriaId": "41F243A1-3C0B-4780-95BF-69A4E1A91F18" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7BB4A33E-6647-447E-BDA3-24246D49C5DD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1046CC3E-FB12-4527-9978-DCC40EEE8938" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-33019", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.560", - "lastModified": "2024-04-12T17:17:15.060", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE." - }, - { - "lang": "es", - "value": "Un ataque de denegación de servicios (DOS) transitorio en el componente WLAN Host mientras realiza el anuncio de cambio de canal (CSA), cuando una estación móvil recibe un canal no válido en CSA IE." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-285" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:9206_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7513D486-2E22-4AA7-A0C3-321B561F5E47" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:9206_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76402C58-BA33-4371-B69A-DA144B2F0BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEDA6CA-A0FD-4A72-B856-C8E65AC86902" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D29295A-7183-46BE-B4EE-F891D1C17ED9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AFE1790F-48DF-4426-96D3-E249D09D96BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2DAAA479-0381-43F7-BF03-B21BCBD87EA6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8056_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF26A582-CE43-4571-9815-2A789C5B065B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8056:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E30004FD-C2FB-4C77-8489-D7A7EE9A9575" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9A4CAA77-CC4D-49CF-9696-6C2542B31415" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E19E8B60-4C5C-4D1C-B9F0-AB1FC1F58949" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4A725088-FC3B-4439-9189-72AA10954721" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B80D6366-4C0C-4C0D-9A38-769C66D62F0F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:home_hub_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EFFEA50-D8F0-49DB-AF22-EBC2DA8C634D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:home_hub_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D57A69BF-7FBF-4519-94DA-A2C1766B48EC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA44E1D7-C4B5-4A1C-8D89-C080856104EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "268F94E5-15A2-4BCA-BE1B-0B6A7179B9C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADC6FBEE-D2FA-4660-A078-D6CE2097653D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6BD8A1C-D9AB-4BE7-A855-31E58631879C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35B7E25E-FA92-4C36-883C-CFF36F4B3507" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECD99C6F-2444-4A5E-A517-0C8023DDF23D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C8807E9-5972-47E7-8B39-2E4D68C7B79E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8108:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57963412-14B9-4C0D-AA0D-6928445DB808" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29F64FA7-5EA1-4C91-B409-4A0E966FBD26" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8209:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1FBCA5AB-07E4-404E-A278-28F6004D2126" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AE9AEA-4D9F-4879-85F7-405279EFE5ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8608:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDED3AA7-576C-4437-A466-D627698F4242" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE28A59C-7AA6-4B85-84E8-07852B96108E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5DEE828B-09A7-4AC1-8134-491A7C87C118" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08811FE5-AEF1-4D3C-8916-DABB7969BA93" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6175a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8A94CD9-E084-4772-B173-91B6A0F46291" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CFB656-804A-453C-A39B-1B08C0A16BB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F0C9ED5-27E3-48EC-9A05-862715EE2034" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2AD0E09B-92EC-4974-BC5F-66C3AAF586B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FBA48AB-85F4-4D6C-B811-87756B80FFB8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25565FDA-651D-4A05-8B1E-2188B6921253" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8D49750-BBEA-4A3D-9898-28B7A50A7F42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:205_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2E9FB225-819E-44FD-B6B9-8A49909750B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:205:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57A101BE-894F-40F6-A8FD-9E8DF21076DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:215_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3667862-8469-4B33-9B2D-939EA07497E6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:215:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8673678-1EAD-421D-8450-3BE522D75A5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9043720-6B49-4305-BB4F-C88CCB6D89E9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd626:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FC8F19D3-F322-4CDC-83C5-A9F7F1777DAD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72F6CE39-9299-4FC3-BC48-11F79034F2E4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4079EC4E-ACCF-4BC4-BC3F-D7951C4B6496" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx20m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5765D9F4-4090-4470-A90A-7E72A50881AF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB60C259-9FA1-41E0-BE4C-8D073A202E77" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5805AC43-57A8-4E29-B09C-E9FFA96C76B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF7A6EE4-D951-480F-8F68-D49983C911D6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FD155BC-1157-4DEA-940A-FB8BD117D4C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_display_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13B56F26-ABA3-453C-8B69-2D9B044A3ECB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_display_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E01002F4-2FB0-46A9-A007-F6EA347E6CE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_1200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F8CABCB-7EF0-43CC-BEA0-0AE3B6FDF438" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_1200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B399BDBB-D40A-47F8-8B86-15AFC7792021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_208_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "23BDA737-41EE-4571-9F56-9714668D026A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_208:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36E06420-91AB-44C6-BE6E-E9822B2A880D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_210_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15838699-2BA0-4CF1-B3E6-0F80581C8DDD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_210:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9FCAFCB-58C7-4588-A823-3AEBEF0A3710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_212_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3495C094-A59C-42B4-B4EB-E45DEF5BEAC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_212:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70D7D23F-9EEA-4180-8C02-FB5F9F4EC12E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_425_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6114FD60-45DE-421A-8EF9-AE2D6E089A9B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_425:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C5A8A307-7AD1-4496-B9DD-B0A267C22DAD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_429:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2942BDD8-5542-430C-B566-245758DC2329" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_439_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5009631F-3632-4AF8-AC1B-A0570778B6D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_439:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D7A741F7-D151-4133-989D-8654BAB560CA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CE9BB2A-1878-4AD4-B307-E9752F87DDA7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80521060-D7E0-4E00-B14E-6F3144107A89" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_617_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "856F211B-526F-4D20-A364-930766241AC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_617:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF348B8-D73F-4B4A-B628-9C38A772F017" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_625_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B11ABF4-351F-4BE8-A786-27EF880EF928" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_625:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53D8F2F4-4125-49A9-BD9D-3164D2855C44" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_626_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936AC2BB-818B-4319-A6C1-8331DF44C52F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_626:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1A80E6E-CACA-425A-805F-82720C5D7B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_632_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CED510F-D50F-4093-9215-00EF84F99AE3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_632:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0397BAC5-EF34-43E8-8847-D15DA32218E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_650_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B65E36BF-FD6D-486A-854F-C192308AE4ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_650:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C956BEAB-6AD1-4DCA-825F-DF5EBD2CCE2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_652_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F5097FB-0487-4A4F-B99E-E52CFD9906D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_652:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7578B00-89BA-48FF-978B-6F89569CACA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_653_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCFFCE3C-C48A-4E7F-A2B4-AAE7C6F53461" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_653:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9110813-3AD6-44CB-B9D7-04853D8EC4B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87D8DD02-AAAB-4EAE-BB23-C8DA64A2ADF4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4034D942-52BC-4DEB-93CD-AF7CDC30C5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_2100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE035D37-DC98-432B-9DB9-C065C7AAADDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_2100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A87D8C69-4706-452D-A158-E89F062BBAE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_2500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C07C7CE0-2ABF-4E24-B121-C7B82CD804B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_2500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBF25029-ABB1-43BE-B2D7-4273A578A49C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_3100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63C00A09-B369-4BCC-9936-0ED26604BA05" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_3100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C6571A0-BE1F-4385-8501-648F0F92F392" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_4100\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA1AEB2C-F420-46A6-8804-A35870153BAA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_4100\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20746D0A-8D06-4483-AE84-2E0232259171" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x12_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD477FCB-4FDE-43AD-8CA9-E64D8C95F8E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x12_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A717FE-A546-4AC9-973F-7CB4AB7F766E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x20_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D2E3E2AE-E933-4230-8E12-5FD378A33284" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x20_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2AFFA75-3E6D-46FB-A5DC-27D1E0A3A8B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "03F7EED4-ACB6-4874-8849-D8B43373DC2A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x5_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "727E9B7F-99DE-4862-8BC6-5E72EA50EBB4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7950993A-8669-479E-9531-B8FBF6AF6EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B34E6D81-1585-4CAF-9A94-BD14500A1E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4535EF79-92F4-484B-B84B-5927FF07F3CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8B89D9-12BD-44B5-95A6-DBAAB5B0745B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43A90019-4E96-40B5-9E4D-CCBDD51ACA34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9590EF1F-E821-4525-943B-4A315ACAEFFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A7D32B3-325E-4B1F-8649-3D0071396BBA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B2669D0-81C0-4F3C-B9AF-1453815C68B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34D7240B-DCB4-4BF4-94C7-13EBECA62D6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F66A898-3C7A-4D44-86BD-89129F04E654" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B612B044-C7D1-4662-AB2A-5400E34A3CA7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-33020", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.640", - "lastModified": "2024-04-12T17:17:15.340", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE." - }, - { - "lang": "es", - "value": "Un ataque de denegación de servicios (DOS) transitorio en el componente WLAN Host es posible cuando se recibe un canal no válido (como canal fuera de rango) en STA durante CSA IE. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-285" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:9206_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7513D486-2E22-4AA7-A0C3-321B561F5E47" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:9206_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76402C58-BA33-4371-B69A-DA144B2F0BED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEDA6CA-A0FD-4A72-B856-C8E65AC86902" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8D29295A-7183-46BE-B4EE-F891D1C17ED9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8052_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AFE1790F-48DF-4426-96D3-E249D09D96BA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8052:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2DAAA479-0381-43F7-BF03-B21BCBD87EA6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8056_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF26A582-CE43-4571-9815-2A789C5B065B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8056:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E30004FD-C2FB-4C77-8489-D7A7EE9A9575" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8076_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9A4CAA77-CC4D-49CF-9696-6C2542B31415" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E19E8B60-4C5C-4D1C-B9F0-AB1FC1F58949" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB1DE046-DD70-4ACA-9DF4-59939DAC1889" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4A725088-FC3B-4439-9189-72AA10954721" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B80D6366-4C0C-4C0D-9A38-769C66D62F0F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:home_hub_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EFFEA50-D8F0-49DB-AF22-EBC2DA8C634D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:home_hub_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D57A69BF-7FBF-4519-94DA-A2C1766B48EC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BA44E1D7-C4B5-4A1C-8D89-C080856104EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "268F94E5-15A2-4BCA-BE1B-0B6A7179B9C9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADC6FBEE-D2FA-4660-A078-D6CE2097653D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F6BD8A1C-D9AB-4BE7-A855-31E58631879C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35B7E25E-FA92-4C36-883C-CFF36F4B3507" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECD99C6F-2444-4A5E-A517-0C8023DDF23D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2C8807E9-5972-47E7-8B39-2E4D68C7B79E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8108:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57963412-14B9-4C0D-AA0D-6928445DB808" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29F64FA7-5EA1-4C91-B409-4A0E966FBD26" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8209:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1FBCA5AB-07E4-404E-A278-28F6004D2126" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AE9AEA-4D9F-4879-85F7-405279EFE5ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8608:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BDED3AA7-576C-4437-A466-D627698F4242" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE28A59C-7AA6-4B85-84E8-07852B96108E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5DEE828B-09A7-4AC1-8134-491A7C87C118" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "08811FE5-AEF1-4D3C-8916-DABB7969BA93" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6175a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8A94CD9-E084-4772-B173-91B6A0F46291" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6554a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1397F3-8CCF-4BBA-9F0F-A12E4F045754" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6554a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F5888224-567D-4C84-BE6D-17B636BF506C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CFB656-804A-453C-A39B-1B08C0A16BB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F0C9ED5-27E3-48EC-9A05-862715EE2034" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2AD0E09B-92EC-4974-BC5F-66C3AAF586B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FBA48AB-85F4-4D6C-B811-87756B80FFB8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25565FDA-651D-4A05-8B1E-2188B6921253" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8D49750-BBEA-4A3D-9898-28B7A50A7F42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:205_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2E9FB225-819E-44FD-B6B9-8A49909750B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:205:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57A101BE-894F-40F6-A8FD-9E8DF21076DB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:215_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A3667862-8469-4B33-9B2D-939EA07497E6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:215:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8673678-1EAD-421D-8450-3BE522D75A5F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9043720-6B49-4305-BB4F-C88CCB6D89E9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd626:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FC8F19D3-F322-4CDC-83C5-A9F7F1777DAD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72F6CE39-9299-4FC3-BC48-11F79034F2E4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4079EC4E-ACCF-4BC4-BC3F-D7951C4B6496" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx20m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5765D9F4-4090-4470-A90A-7E72A50881AF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB60C259-9FA1-41E0-BE4C-8D073A202E77" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5805AC43-57A8-4E29-B09C-E9FFA96C76B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF7A6EE4-D951-480F-8F68-D49983C911D6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FD155BC-1157-4DEA-940A-FB8BD117D4C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_display_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13B56F26-ABA3-453C-8B69-2D9B044A3ECB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_display_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E01002F4-2FB0-46A9-A007-F6EA347E6CE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_1200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8F8CABCB-7EF0-43CC-BEA0-0AE3B6FDF438" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_1200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B399BDBB-D40A-47F8-8B86-15AFC7792021" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_208_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "23BDA737-41EE-4571-9F56-9714668D026A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_208:-:*:*:*:*:*:*:*", - "matchCriteriaId": "36E06420-91AB-44C6-BE6E-E9822B2A880D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_210_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15838699-2BA0-4CF1-B3E6-0F80581C8DDD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_210:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F9FCAFCB-58C7-4588-A823-3AEBEF0A3710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_212_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3495C094-A59C-42B4-B4EB-E45DEF5BEAC6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_212:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70D7D23F-9EEA-4180-8C02-FB5F9F4EC12E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_425_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6114FD60-45DE-421A-8EF9-AE2D6E089A9B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_425:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C5A8A307-7AD1-4496-B9DD-B0A267C22DAD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_429:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2942BDD8-5542-430C-B566-245758DC2329" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_439_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5009631F-3632-4AF8-AC1B-A0570778B6D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_439:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D7A741F7-D151-4133-989D-8654BAB560CA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CE9BB2A-1878-4AD4-B307-E9752F87DDA7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80521060-D7E0-4E00-B14E-6F3144107A89" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_617_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "856F211B-526F-4D20-A364-930766241AC3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_617:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF348B8-D73F-4B4A-B628-9C38A772F017" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_625_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B11ABF4-351F-4BE8-A786-27EF880EF928" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_625:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53D8F2F4-4125-49A9-BD9D-3164D2855C44" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_626_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936AC2BB-818B-4319-A6C1-8331DF44C52F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_626:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1A80E6E-CACA-425A-805F-82720C5D7B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_632_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CED510F-D50F-4093-9215-00EF84F99AE3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_632:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0397BAC5-EF34-43E8-8847-D15DA32218E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_650_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B65E36BF-FD6D-486A-854F-C192308AE4ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_650:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C956BEAB-6AD1-4DCA-825F-DF5EBD2CCE2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_652_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F5097FB-0487-4A4F-B99E-E52CFD9906D4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_652:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F7578B00-89BA-48FF-978B-6F89569CACA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_653_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FCFFCE3C-C48A-4E7F-A2B4-AAE7C6F53461" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_653:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9110813-3AD6-44CB-B9D7-04853D8EC4B4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87D8DD02-AAAB-4EAE-BB23-C8DA64A2ADF4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4034D942-52BC-4DEB-93CD-AF7CDC30C5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_2100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AE035D37-DC98-432B-9DB9-C065C7AAADDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_2100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A87D8C69-4706-452D-A158-E89F062BBAE0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_2500_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C07C7CE0-2ABF-4E24-B121-C7B82CD804B9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_2500:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FBF25029-ABB1-43BE-B2D7-4273A578A49C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_3100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63C00A09-B369-4BCC-9936-0ED26604BA05" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_3100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C6571A0-BE1F-4385-8501-648F0F92F392" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_4100\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EA1AEB2C-F420-46A6-8804-A35870153BAA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_4100\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20746D0A-8D06-4483-AE84-2E0232259171" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x12_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD477FCB-4FDE-43AD-8CA9-E64D8C95F8E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x12_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A717FE-A546-4AC9-973F-7CB4AB7F766E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x20_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D2E3E2AE-E933-4230-8E12-5FD378A33284" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x20_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E2AFFA75-3E6D-46FB-A5DC-27D1E0A3A8B7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x5_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "03F7EED4-ACB6-4874-8849-D8B43373DC2A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x5_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "727E9B7F-99DE-4862-8BC6-5E72EA50EBB4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7950993A-8669-479E-9531-B8FBF6AF6EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B34E6D81-1585-4CAF-9A94-BD14500A1E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4535EF79-92F4-484B-B84B-5927FF07F3CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8B89D9-12BD-44B5-95A6-DBAAB5B0745B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43A90019-4E96-40B5-9E4D-CCBDD51ACA34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9590EF1F-E821-4525-943B-4A315ACAEFFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A7D32B3-325E-4B1F-8649-3D0071396BBA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B2669D0-81C0-4F3C-B9AF-1453815C68B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34D7240B-DCB4-4BF4-94C7-13EBECA62D6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0F66A898-3C7A-4D44-86BD-89129F04E654" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B612B044-C7D1-4662-AB2A-5400E34A3CA7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-33021", - "sourceIdentifier": "product-security@qualcomm.com", - "published": "2023-09-05T07:15:14.717", - "lastModified": "2024-04-12T17:17:15.697", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Memory corruption in Graphics while processing user packets for command submission." - }, - { - "lang": "es", - "value": "Corrupción de la memoria en Graphics al procesar paquetes de usuario para el envío de comandos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.5, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "product-security@qualcomm.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDCB8499-A096-4633-8506-63C0A227A958" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:apq8064au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BEE2C7C3-E928-4466-B537-0D1826E2223C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C88B9C86-2E8E-4DCE-A30C-02977CC00F00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE473A5A-5CFC-4F08-A173-30717F8BD0D7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA42F2EA-5D00-42B8-B020-C27675B72915" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BFCF207D-B8C8-4860-89C7-673C821F0237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A8A35ECF-B12E-42DE-A74B-2C3BE03639A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*", - "matchCriteriaId": "65B283D6-B2D2-49B6-98A8-08EDB54C1F15" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*", - "matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", - "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:flight_rb5_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD5C60F1-5B7F-4AB0-9863-720A1972563E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:flight_rb5_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C43A4F08-1E8A-4CEF-8E61-4152ED78E600" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:home_hub_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EFFEA50-D8F0-49DB-AF22-EBC2DA8C634D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:home_hub_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D57A69BF-7FBF-4519-94DA-A2C1766B48EC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "35B7E25E-FA92-4C36-883C-CFF36F4B3507" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ECD99C6F-2444-4A5E-A517-0C8023DDF23D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8CA1E7B0-782B-4757-B118-802943798984" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95CB08EC-AE12-4A54-AA3C-998F01FC8763" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B12B89EF-7B12-481E-BCBC-F12B9D16321A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FF653D0-15CF-4A10-8D8E-BE56F4DAB890" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C31FA74C-6659-4457-BC32-257624F43C66" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "62DC4FBB-D9CB-43EB-829E-0A892306D0E2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B0F8ED6-EAE7-44EA-A8C6-F5AD408261F0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886CF046-E1D9-4FD4-AC02-EAB61C3F70FD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:*", - "matchCriteriaId": "059486E9-3F99-4C65-A763-470564EDAF2C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "503CEDEF-99D0-4432-88A0-295340743606" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9115A0-0D87-49BE-9A9B-091DBF8D9E6E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76FD6A24-B6F4-4C65-968F-AFF90A1A60B8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34661A30-92C3-4F0D-ABD1-8DA8E928DFF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "00FE294D-4BE0-4436-9273-507E760884EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564:-:*:*:*:*:*:*:*", - "matchCriteriaId": "424CB795-58E5-43A4-A2EC-C563D93C5E72" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "886124F6-B397-4EB6-8E01-6012E468ABE9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "93ED74CE-6BF2-4983-8780-07D5336745B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B59672A0-2FA6-46CC-B75A-C599B842AFB9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3847F4A5-90A5-4C84-B43F-0DDD81BD79CE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9B828AC8-4A01-4537-B2BD-8180C99F5C32" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*", - "matchCriteriaId": "66C16E1E-9D4A-4F20-B697-833FDCCA86FB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "828CFB37-76A6-4927-9D00-AF9A1C432DD6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11405993-5903-4716-B452-370281034B42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", - "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "797295C2-535C-46A9-A725-E1A5405F0436" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BFC575E-594E-4711-94B1-2DC8D03B9AC4" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1C53DC-D2F3-4C92-9725-9A85340AF026" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED0585FF-E390-46E8-8701-70964A4057BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2FA8F9DA-1386-4961-B9B2-484E4347852A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*", - "matchCriteriaId": "117289C8-7484-4EAE-8F35-A25768F00EED" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D2B46E-3996-42FD-B932-09E92C02EC8A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*", - "matchCriteriaId": "98E58C63-F253-4DCC-8A14-48FEB64B4C3D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "25565FDA-651D-4A05-8B1E-2188B6921253" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qca9379:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8D49750-BBEA-4A3D-9898-28B7A50A7F42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F2D8044B-D4E5-4174-A0FB-478F8434EE8F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*", - "matchCriteriaId": "163FE96E-DF5B-4B67-8EDE-44A5B9A8492D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "99AA0291-B822-4CAD-BA17-81B632FC3FEF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A49DBE04-E2EA-4DA1-B774-A878A71524AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69E98386-3BB2-4E8C-AD00-E05123608439" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9306C34D-47E4-40CF-89F4-BA5263655D13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*", - "matchCriteriaId": "02BA009F-24E1-4953-BA95-2A5BC1CDBDBB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61F34DD2-9DC0-49E5-BC85-1543EA199477" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A06879F-6FE9-448A-8186-8347D76F872B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A64CDA49-19BF-413F-A0E0-2B9729E45E25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*", - "matchCriteriaId": "345CCD64-C09E-407D-AAA2-311C4CCFE24F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", - "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "403AE561-6C9E-49F3-A5D6-C48DDD51D663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FAC140F-FC5E-4C88-B777-7F5EBF49A695" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CC1C8B-F642-4068-B9E3-ECE027486E45" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A60F8378-B827-4557-B891-A8A02F8F2A25" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:robotics_rb5_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "71CFA659-DE2C-4AA0-8AAD-75033B2F4663" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:robotics_rb5:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C3E952A-9CA6-4A41-820C-9756B453DECF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8D28764-EF4F-4FB3-B936-B42397450EFD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7964A762-467B-47D7-865F-30D48A0AE47C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4C40544E-B040-491C-8DF3-50225E70B50C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2DAC85C-CDC9-4784-A69A-147A2CE8A8B2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F33EB594-B0D3-42F2-B1CA-B0E6C9D82C6B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50EF47E5-2875-412F-815D-44804BB3A739" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3F900C8F-9763-441A-B97E-E5394A68A08A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589C1001-E9F6-41A6-BCC8-A94A3C97F2E6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd626_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9043720-6B49-4305-BB4F-C88CCB6D89E9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd626:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FC8F19D3-F322-4CDC-83C5-A9F7F1777DAD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3991C516-4FBE-43D8-835F-413FE45BF73E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D9CF5EBB-B25A-4A76-B522-951F108263CC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B8DA94C-23A0-4C99-9F05-144B9B5224B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "39E10E22-E7CC-41D6-80F3-030083F45645" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1497D052-884E-496B-BEF8-6904A25125ED" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "589F4888-28F6-4ECA-860E-8054C2A8C419" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC4DA7EA-DB81-4C71-A875-2612D8D7D726" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "48F26F64-98D4-420A-8918-E5E56ABA1D47" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9DA605FD-B801-43BB-B52D-879013F7F57E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "908BFD96-0423-4AFC-B8F3-105B2D5B4C73" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "79219DA5-0D09-4CEF-AEFD-917F269AE7DF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D30BACF-71C1-4A6D-8811-9AD708A98307" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E93FB34B-3674-404D-9687-E092E9A246AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F3FF5A9A-A34A-499C-B6E0-D67B496C5454" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E3FB2972-94B6-4716-BA96-4B452BA3990F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm6250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "57F4F872-094E-4E27-BB89-D8251FAFB713" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "76DB5472-DF51-4144-8A69-9B231CF782DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D395018-251C-45AA-9EE8-A638CAB0B508" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A4508742-7D97-43D8-B8F5-041F4C588723" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF8C63E8-169F-4164-BD49-348ED894813F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BEC725F-19B1-4078-B13D-CE624BE23344" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4EA43E38-A12D-49C3-B05C-A2AF07ED2710" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AB60C259-9FA1-41E0-BE4C-8D073A202E77" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5805AC43-57A8-4E29-B09C-E9FFA96C76B0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_audio_400_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF7A6EE4-D951-480F-8F68-D49983C911D6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_audio_400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6FD155BC-1157-4DEA-940A-FB8BD117D4C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:smart_display_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "13B56F26-ABA3-453C-8B69-2D9B044A3ECB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:smart_display_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E01002F4-2FB0-46A9-A007-F6EA347E6CE2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_4_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C57BEA9E-2DAD-47E5-9777-DF835C83FC89" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_4_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "67E8D5A1-0C4F-4ADE-902E-1768F9C84EDA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_429_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D0C530E-53E7-482B-8522-C632E98E756B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_429:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2942BDD8-5542-430C-B566-245758DC2329" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_439_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5009631F-3632-4AF8-AC1B-A0570778B6D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_439:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D7A741F7-D151-4133-989D-8654BAB560CA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_450_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1CE9BB2A-1878-4AD4-B307-E9752F87DDA7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_450:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80521060-D7E0-4E00-B14E-6F3144107A89" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "04DAFFC1-9038-4CEB-B181-C555BC0A3CF7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70A8B62B-DA3A-416E-96D8-4E5AAD197631" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BE024DC-38BD-4AD5-8505-C3218C5FCF06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_480\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A5F6C78C-33F5-40D8-9D2C-52D0FEC6DCA8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_625_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5B11ABF4-351F-4BE8-A786-27EF880EF928" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_625:-:*:*:*:*:*:*:*", - "matchCriteriaId": "53D8F2F4-4125-49A9-BD9D-3164D2855C44" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_626_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "936AC2BB-818B-4319-A6C1-8331DF44C52F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_626:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D1A80E6E-CACA-425A-805F-82720C5D7B70" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_630_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B2E368C7-0696-466E-9FAC-0C9A58275787" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_630:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7FBF4F78-DCD9-4554-85F2-540979546ED7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_632_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7CED510F-D50F-4093-9215-00EF84F99AE3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_632:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0397BAC5-EF34-43E8-8847-D15DA32218E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_636_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F32168D9-3A1C-40FD-BD46-941D5A1F02EE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_636:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20F4EB92-9FD7-4FD9-9FDE-A48D7AF83510" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FF33DF89-CD83-4003-B3E2-F399A61B71AF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7D84D667-1939-4891-87E3-F8A77433252E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_670_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6D675A8D-0FB3-4B2F-9D60-0DBB521820D5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_670:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C1E4FC24-7BB8-4E16-8ADA-C54FE94C2CE7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_675_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EC6976CA-9019-4B8A-84B1-58F73A0E2673" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_675:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B11CD214-B46D-43A9-A170-CBC40BFED199" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_678_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63FDD354-0044-4BD2-B1B9-B89BE040070D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_678:-:*:*:*:*:*:*:*", - "matchCriteriaId": "52CFA50A-F846-4C91-83ED-B52B8B5C9781" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7C981FE-CD14-4DA0-86FE-94C34B490A36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CC7A9678-01AD-4CCE-BD3E-DD0FDD7E246A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CD0989BA-DEBC-4B45-AC3A-F2033C17B93A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CF03844-5ECE-4738-9DD3-E7F690679A06" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_690_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1DCF8439-B259-43FE-B797-57C2D62A35E5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_690_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F97A345D-4024-4C48-A7C5-BF2F13D3B2BE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_695_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "624349A3-DAD6-4C93-A694-AB4CDC0F00EC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_695_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3E265840-94AC-4462-853D-29098B2CD746" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_710_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9937F60D-3325-41F8-8F7D-99C1A07016F9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_710:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A7E3CAB2-09FB-459E-8219-66283C59B6CF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_720g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0EDCFF2B-1713-46E2-AA4A-419FB63ED8A0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_720g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5E87C169-AC6C-41FB-878C-748517AB40BF" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5CB628D4-566E-454D-B2B9-04A5533C6737" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E726FE28-3CEB-48DC-8C4E-7DB56D9567C0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_730g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B7A5B684-09BB-4DD0-9F16-D3761EA37D34" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_730g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6A01340-72E8-4811-A24A-D359C8B63611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_732g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8C1A76A-AD97-4A08-B45A-F9994D5455DE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_732g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6E07087B-C0E3-431E-A03A-0255B3EC73A3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_750g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A1DF0CA5-9874-4C25-8357-7E5D9AABACD1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_750g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C4D5549F-053A-4EF0-BB43-CAD84E0BBF98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8D5607-F0BC-46C9-A94F-1D28EE5A3F0E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17D19361-1C7D-44F2-B007-36097947B352" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_765g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F4659B0-547B-4492-9338-90B45B0462FC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_765g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B52D8884-D1E4-45F7-86F6-D882DF099611" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_768g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE9D188A-2029-431E-A225-302C7795B891" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_768g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0D216C8-92CF-4C54-8D44-5E1BBAB76C92" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EB958799-6C95-4066-A564-2440B94EA064" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3AEA9DD8-681B-48A9-A2E9-8F81DA4C5276" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_778g\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "60CB441C-DCC6-4AF9-B3E6-6DE6305D3AAE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_778g\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "44884D15-3D35-4D97-BEFE-995C573F12E8" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_780g_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "481E3382-E1DB-45A6-9FF7-B86712DFBF0D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_780g_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF847CB8-B3E7-4371-B531-BA82B686AA1F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_782g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D264E36-5E39-4ABD-B05D-153C852CE40B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_782g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80322365-61A2-4B55-932E-F2B678F8C3C6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9749871B-A555-4FAA-82F8-E46B95AC0F25" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E0318A41-2E92-4C83-BB9D-68BC68E574BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "87D8DD02-AAAB-4EAE-BB23-C8DA64A2ADF4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4034D942-52BC-4DEB-93CD-AF7CDC30C5C5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D712ED25-1364-40C4-94F8-DC18D1DDCC66" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4FE45292-C833-4461-97CE-6A039A29901D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B5501670-56E2-48B6-ACFC-67F908D5ECCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3AB9254-8202-411C-9700-C2739D9C317C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06165461-2AA0-4306-8F72-C8F6A9D5113A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D95A0D7F-8A18-46A1-B420-2DF65E03B60C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_860_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "47D193F3-8369-4253-B46A-07DC2D4CC19D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_860:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DCAFB57B-87C0-45EA-9F8D-1818AF187D35" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "713B1CB7-985F-49F4-A5A7-23DFD0F4EA04" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1D7467AE-2EC2-4D9C-9D9C-83BAE7AE48CD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7F15FC88-6366-4210-A949-75A3890476B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "711C5A1C-F67B-4BE2-BFE7-C86E716F85E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D89373-04BA-4DD4-A0D0-A45AF93FA7AB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FE485ADB-9A68-41AE-BBA8-242AC27263DD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4DB133AD-4616-4B0E-82D3-6F579F871D84" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C5C49373-6BDA-4465-B2A3-D0E9C29452BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_888\\+_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5C520263-AE1E-42FF-8F93-9BB2ACC2882B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_888\\+_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01316BA6-3E0F-470B-A675-6AC22D2E408D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "901F9968-53C6-4A19-87C8-5FC90A74DF30" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E57A7FD9-3849-4420-95BD-905C701E6213" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "158F6ED7-FB30-47BF-BDAE-91BED7A58157" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89A06BE0-4F54-4591-836D-4D70D9976BBE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x12_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD477FCB-4FDE-43AD-8CA9-E64D8C95F8E3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x12_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "19A717FE-A546-4AC9-973F-7CB4AB7F766E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x24_lte_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "16777702-41D2-40FC-9DF5-611E69A68E7F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x24_lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6C798979-4CF2-4D18-B785-4EA87563A45C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x50_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C9C56B06-3D58-4720-835F-103C404D109E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x50_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "80CF44A8-24C9-4625-B538-93721C348438" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x55_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "50081C21-0E3C-451C-B5D9-BFA6763FC92A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x55_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F8D443BF-15A5-4984-972B-0BC5BEDC835B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_x65_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "193DA42A-82EE-4536-A4B4-B6ED03F0D0D8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_x65_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "38044A2F-02C8-458A-AA28-42FE87ED6F8A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr1_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "ED623126-9BE8-441A-8F5D-397F588FFC48" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr1:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8A55B55F-D25A-455D-8CC2-415A677393F6" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "665811D8-F648-4F32-A375-FAF9C9E928B3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2A537932-6EAD-411B-83FF-48CF050F603A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CF839E24-6542-4C5D-A1B7-FD3BA00683CB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E9F12284-93E0-482D-9D35-EB38BA7D6C6D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9FA3B1-E4E4-4D9B-A99C-7BF958D4B993" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "95762B01-2762-45BD-8388-5DB77EA6139C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7950993A-8669-479E-9531-B8FBF6AF6EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B34E6D81-1585-4CAF-9A94-BD14500A1E67" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:vision_intelligence_200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4535EF79-92F4-484B-B84B-5927FF07F3CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:vision_intelligence_200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5D8B89D9-12BD-44B5-95A6-DBAAB5B0745B" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3A2FAD34-B7C5-400A-8575-A12CDE65ACBE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A39A2E5-6D8D-4F6E-98CB-96DB1975A4BC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "28717583-463A-468A-8073-ECF0F90585F6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D1A7188-7D5D-4D46-AEAB-08BA84FFF539" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*", - "matchCriteriaId": "94D2BDF1-764C-48BA-8944-3275E8768078" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2503805B-B2A6-4AEE-8AB1-2B8A040702BD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3AD370C-2ED0-43CF-83D9-50DC92A01CA5" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DAFD64E7-3F13-4DCA-8C46-6E8FE0C6F798" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "044A14FB-64F6-4200-AC85-8DC91C31BD16" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9590EF1F-E821-4525-943B-4A315ACAEFFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7A7D32B3-325E-4B1F-8649-3D0071396BBA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7B2669D0-81C0-4F3C-B9AF-1453815C68B1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660:-:*:*:*:*:*:*:*", - "matchCriteriaId": "34D7240B-DCB4-4BF4-94C7-13EBECA62D6C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", - "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2744A053-5BD9-45A9-A2FC-791BCA0CCD4C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F28E29-520F-469E-B048-62DE2EF07ADD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualcomm.com\/company\/product-security\/bulletins\/september-2023-bulletin", - "source": "product-security@qualcomm.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41908", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T07:15:14.810", - "lastModified": "2023-09-08T14:26:28.263", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cerebrate before 1.15 lacks the Secure attribute for the session cookie." - }, - { - "lang": "es", - "value": "Cerebrate antes de la versión 1.15 carece del atributo \"Secure\" para la cookie de sesión. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cerebrate-project:cerebrate:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.15", - "matchCriteriaId": "DE11F1CF-0968-4E5C-B646-1F5C2BCB9B1E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/cerebrate-project\/cerebrate\/commit\/9be81055651649658243b5aa274b175064bfc6db", - "source": "cve@mitre.org", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/cerebrate-project\/cerebrate\/compare\/v1.14...v1.15", - "source": "cve@mitre.org", - "tags": [ - "Patch" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41909", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T07:15:14.877", - "lastModified": "2023-12-22T21:17:24.600", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd\/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference." - }, - { - "lang": "es", - "value": "Se descubrió un problema en FRRouting FRR hasta 9.0. bgp_nlri_parse_flowspec en bgpd\/bgp_flowspec.c. Procesa solicitudes con formato incorrecto sin atributos, conllevando una desreferencia de puntero NULL." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-476" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*", - "versionEndIncluding": "9.0", - "matchCriteriaId": "21743BBD-2224-414A-9ECE-DDB43CCCD919" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", - "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/FRRouting\/frr\/pull\/13222\/commits\/cfd04dcb3e689754a72507d086ba3b9709fc5ed8", - "source": "cve@mitre.org", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/09\/msg00020.html", - "source": "cve@mitre.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce%40lists.fedoraproject.org\/message\/JLG64IF3FU7V76K4TKCCXVNEE6P2VUDO\/", - "source": "cve@mitre.org", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce%40lists.fedoraproject.org\/message\/LMJNX44SMJM25JZO7XWHDQCOB4SNJPIE\/", - "source": "cve@mitre.org", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce%40lists.fedoraproject.org\/message\/WXR6PIVY4SWO7HDT4EY733H4X32SCPM4\/", - "source": "cve@mitre.org", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41910", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T07:15:14.927", - "lastModified": "2023-09-27T15:19:31.200", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon\/protocols\/cdp.c." - }, - { - "lang": "es", - "value": "Se descubrió un problema en lldpd antes de la versión 1.0.17. Al manipular un paquete CDP PDU con TLVs CDP_TLV_ADDRESSES específicos, un actor malicioso puede forzar remotamente al demonio lldpd a realizar una lecutra fuera de límites en la memoria heap. Esto ocurre en cdp_decode in daemon\/protocols\/cdp.c." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:lldpd_project:lldpd:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.0.17", - "matchCriteriaId": "591FC9F7-7E51-49D8-97B9-513D515C0204" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/lldpd\/lldpd\/commit\/a9aeabdf879c25c584852a0bb5523837632f099b", - "source": "cve@mitre.org", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/lldpd\/lldpd\/releases\/tag\/1.0.17", - "source": "cve@mitre.org", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/09\/msg00025.html", - "source": "cve@mitre.org" - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5505", - "source": "cve@mitre.org" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4540", - "sourceIdentifier": "cvd@cert.pl", - "published": "2023-09-05T08:15:40.017", - "lastModified": "2023-10-13T01:30:13.930", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service (DoS) attack to be executed by sending a properly crafted request to the server. \n\nThis issue affects lua-http: all versions before commit ddab283." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Manejo Inadecuado de Condiciones Excepcionales en la librería lua-http de Daurnimator permite la asignación excesiva y la ejecución de un ataque de Denegación de Servicio (DoS) mediante el envío de una petición correctamente manipulada al servidor. Este problema afecta a lua-http: todas las versiones anteriores al commit ddab283. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-755" - } - ] - }, - { - "source": "cvd@cert.pl", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-755" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:daurnimator:lua-http:0.4:*:*:*:*:lua:*:*", - "matchCriteriaId": "D337EBD6-A704-44C0-8533-1EA9B5366780" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/cert.pl\/posts\/2023\/09\/CVE-2023-4540\/", - "source": "cvd@cert.pl", - "tags": [ - "Patch", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/daurnimator\/lua-http\/commit\/ddab2835c583d45dec62680ca8d3cbde55e0bae6", - "source": "cvd@cert.pl", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/https:\/\/cert.pl\/en\/posts\/2023\/09\/CVE-2023-4540\/", - "source": "cvd@cert.pl", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38574", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-05T09:15:08.037", - "lastModified": "2023-09-11T12:50:00.413", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Open redirect vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL." - }, - { - "lang": "es", - "value": "Vulnerabilidad de redireccionamiento abierto en VI Web Client anterior a 7.9.6 permite que un atacante remoto no autenticado redirija a los usuarios a sitios web arbitrarios y realice ataques de phishing a través de una URL especialmente manipulada." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-601" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:i-pro:video_insight:*:*:*:*:*:*:*:*", - "versionEndExcluding": "7.9.6", - "matchCriteriaId": "823D3E01-7D44-4F00-B770-4E1FB0F5AA19" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/downloadvi.com\/downloads\/IPServer\/v7.9\/796232\/v796232RN.pdf", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN60140221\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39448", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-05T09:15:08.803", - "lastModified": "2023-09-08T16:48:17.617", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution." - }, - { - "lang": "es", - "value": "La vulnerabilidad de Path Traversal en SHIRASAGI anterior a v1.18.0 permite a un atacante remoto autenticado alterar o crear archivos arbitrarios en el servidor, resultando en la ejecución de código arbitrario. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ss-proj:shirasagi:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.18.0", - "matchCriteriaId": "96B19CE9-B96E-4A30-9053-7532F1EF6684" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN82758000\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.ss-proj.org\/support\/954.html", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39938", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-05T09:15:09.053", - "lastModified": "2023-09-08T18:45:56.717", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Reflected cross-site scripting vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to inject an arbitrary script." - }, - { - "lang": "es", - "value": "reflejada la vulnerabilidad de Cross-Site Scripting (XSS) en VI Web Client anterior a la versión 7.9.6 permite a un atacante remoto autenticado inyectar una secuencia de comandos arbitraria." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:i-pro:video_insight:*:*:*:*:*:*:*:*", - "versionEndExcluding": "7.9.6", - "matchCriteriaId": "823D3E01-7D44-4F00-B770-4E1FB0F5AA19" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/downloadvi.com\/downloads\/IPServer\/v7.9\/796232\/v796232RN.pdf", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN60140221\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40535", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-05T09:15:09.213", - "lastModified": "2023-09-08T18:49:20.803", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Stored cross-site scripting vulnerability in View setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script." - }, - { - "lang": "es", - "value": "La vulnerabilidad de Cross-Site Scripting (XSS) almacenado en la página \"View setting\" de VI Web Client anterior a la versión 7.9.6 permite a un atacante remoto autenticado inyectar una secuencia de comandos arbitraria. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:i-pro:video_insight:*:*:*:*:*:*:*:*", - "versionEndExcluding": "7.9.6", - "matchCriteriaId": "823D3E01-7D44-4F00-B770-4E1FB0F5AA19" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/downloadvi.com\/downloads\/IPServer\/v7.9\/796232\/v796232RN.pdf", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN60140221\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40705", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-05T09:15:09.340", - "lastModified": "2023-09-08T18:48:31.770", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script." - }, - { - "lang": "es", - "value": "La vulnerabilidad de Cross-Site Scripting (XSS) almacenado en la página \"Map setting\" de VI Web Client anterior a la versión 7.9.6 permite a un atacante remoto autenticado inyectar una secuencia de comandos arbitraria." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:i-pro:video_insight:*:*:*:*:*:*:*:*", - "versionEndExcluding": "7.9.6", - "matchCriteriaId": "823D3E01-7D44-4F00-B770-4E1FB0F5AA19" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/downloadvi.com\/downloads\/IPServer\/v7.9\/796232\/v796232RN.pdf", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN60140221\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36492", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-05T10:15:07.463", - "lastModified": "2023-09-08T16:48:06.590", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product." - }, - { - "lang": "es", - "value": "Reflejada una vulnerabilidad de Cross-Site Scripting en SHIRASAGI anterior a la versión 1.18.0 permite a un atacante remoto no autenticado ejecutar un script arbitrario en el navegador web del usuario que inicia sesión en el producto." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ss-proj:shirasagi:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.18.0", - "matchCriteriaId": "96B19CE9-B96E-4A30-9053-7532F1EF6684" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN82758000\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.ss-proj.org\/support\/954.html", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38569", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-05T10:15:07.643", - "lastModified": "2023-09-08T16:47:59.860", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en SHIRASAGI anterior a la versión 1.18.0 permite a un atacante remoto autenticado ejecutar un script arbitrario en el navegador web del usuario que está iniciando sesión en el producto. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ss-proj:shirasagi:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.18.0", - "matchCriteriaId": "96B19CE9-B96E-4A30-9053-7532F1EF6684" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN82758000\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.ss-proj.org\/support\/954.html", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20897", - "sourceIdentifier": "security@vmware.com", - "published": "2023-09-05T11:15:32.973", - "lastModified": "2023-09-14T03:15:08.073", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.\n" - }, - { - "lang": "es", - "value": "Salt masters anteriores a 3005.2 o 3006.2 contienen un DOS en retorno minion. Después de recibir varios paquetes incorrectos en el servidor de solicitudes igual al número de subprocesos de trabajo, el master dejará de responder a las solicitudes de devolución hasta que se reinicie." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, - { - "source": "security@vmware.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-404" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", - "versionEndExcluding": "3005.2", - "matchCriteriaId": "B70F6397-8CB9-47B6-A4BF-C7E4A1017F6A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3006.0", - "versionEndExcluding": "3006.2", - "matchCriteriaId": "A22FBD43-AC7E-45B9-9EC5-340CF735773E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL\/", - "source": "security@vmware.com" - }, - { - "url": "https:\/\/saltproject.io\/security-announcements\/2023-08-10-advisory\/", - "source": "security@vmware.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20898", - "sourceIdentifier": "security@vmware.com", - "published": "2023-09-05T11:15:33.300", - "lastModified": "2023-09-14T03:15:08.180", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and\/or crash.\n" - }, - { - "lang": "es", - "value": "Git Providers pueden leer desde el entorno incorrecto porque obtienen el mismo nombre base de directorio de caché en los Salt Masters anteriores a 3005.2 o 3006.2. Cualquier cosa que use proveedores de Git con diferentes entornos puede obtener datos basura o datos incorrectos, lo que puede conducir a la divulgación de datos incorrecta, ejecuciones incorrectas, corrupción de datos y \/ o bloqueo." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:L\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.1, - "impactScore": 6.0 - }, - { - "source": "security@vmware.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.1, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", - "versionEndExcluding": "3005.2", - "matchCriteriaId": "B70F6397-8CB9-47B6-A4BF-C7E4A1017F6A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3006.0", - "versionEndExcluding": "3006.2", - "matchCriteriaId": "A22FBD43-AC7E-45B9-9EC5-340CF735773E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL\/", - "source": "security@vmware.com" - }, - { - "url": "https:\/\/saltproject.io\/security-announcements\/2023-08-10-advisory\/", - "source": "security@vmware.com", - "tags": [ - "Mitigation", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-41763", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T13:15:07.717", - "lastModified": "2023-09-08T13:14:00.017", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service." - }, - { - "lang": "es", - "value": "Se ha descubierto un problema en NOKIA AMS v9.7.05. Existe ejecución remota de código a través del depurador de la variable \"ipAddress\". Un usuario remoto autenticado en el servidor AMS, podría inyectar código en la función PING. Los privilegios del comando ejecutado depende del usuario que ejecuta el servicio. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-94" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:nokia:access_management_system:9.7.05:*:*:*:*:*:*:*", - "matchCriteriaId": "1E5A3717-77A8-476F-939F-530FACD43166" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.gruppotim.it\/it\/footer\/red-team.html", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-2453", - "sourceIdentifier": "disclosure@synopsys.com", - "published": "2023-09-05T15:15:42.377", - "lastModified": "2023-09-08T17:27:41.190", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a ‘require_once’ statement. This allows arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed. There are no known means in PHPFusion through which an attacker can upload and target a ‘.php’ file payload." - }, - { - "lang": "es", - "value": "La limpieza de nombres de archivo contaminados que se concatenan directamente con una ruta que posteriormente se pasa a una sentencia 'require_once' es insuficiente. Esto permite que se incluyan y ejecuten archivos arbitrarios con la extensión '.php' cuya ruta absoluta se conoce. No hay medios conocidos en PHPFusion a través de los cuales un atacante pueda cargar y apuntar a una carga útil de archivo '.php'." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, - { - "source": "disclosure@synopsys.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-829" - } - ] - }, - { - "source": "disclosure@synopsys.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-829" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:php-fusion:phpfusion:*:*:*:*:*:*:*:*", - "versionEndIncluding": "9.10.30", - "matchCriteriaId": "593D7CFA-FF94-4476-98CF-C83A17292E94" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.synopsys.com\/blogs\/software-security\/cyrc-vulnerability-advisory-cve-2023-2453\/", - "source": "disclosure@synopsys.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32086", - "sourceIdentifier": "security@pega.com", - "published": "2023-09-05T15:15:42.600", - "lastModified": "2023-11-07T04:14:28.530", - "vulnStatus": "Rejected", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." - } - ], - "metrics": {}, - "references": [] - } - }, - { - "cve": { - "id": "CVE-2023-40743", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-05T15:15:42.687", - "lastModified": "2024-05-17T02:28:18.713", - "vulnStatus": "Modified", - "cveTags": [ - { - "sourceIdentifier": "security@apache.org", - "tags": [ - "unsupported-when-assigned" - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through \"ServiceFactory.getService\" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose the application to DoS, SSRF and even attacks leading to RCE.\n\nAs Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2\/Java. As a workaround, you may review your code to verify no untrusted or unsanitized input is passed to \"ServiceFactory.getService\", or by applying the patch from https:\/\/github.com\/apache\/axis-axis1-java\/commit\/7e66753427466590d6def0125e448d2791723210 . The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are welcome.\n\n" - }, - { - "lang": "es", - "value": "** NO SOPORTADO CUANDO ESTÉ ASIGNADO ** ** NO SOPORTADO CUANDO ESTÉ ASIGNADO ** Al integrar Apache Axis 1.x en una aplicación, puede que no haya sido obvio que buscar un servicio a través de \"ServiceFactory.getService\" permita mecanismos de búsqueda potencialmente peligrosos como LDAP . Al pasar entradas que no son de confianza a este método API, esto podría exponer la aplicación a DoS, SSRF e incluso ataques que conduzcan a RCE. Como Axis 1 ha estado en EOL, le recomendamos migrar a un motor SOAP diferente, como Apache Axis 2\/Java. Como workaround, puede revisar su código para verificar que no se pase ninguna entrada que no sea de confianza o no sanitizada a \"ServiceFactory.getService\", o aplicando el parche desde https:\/\/github.com\/apache\/axis-axis1-java\/commit\/7e66753427466590d6def0125e448d2791723210. El proyecto Apache Axis no espera crear una versión Axis 1.x que solucione este problema, aunque los contribuyentes que deseen trabajar para lograrlo son bienvenidos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security@apache.org", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:axis:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2023-08-01", - "matchCriteriaId": "28772E39-4100-404C-8274-8A4FF7DDF588" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/apache\/axis-axis1-java\/commit\/7e66753427466590d6def0125e448d2791723210", - "source": "security@apache.org", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/lists.apache.org\/thread\/gs0qgk2mgss7zfhzdd6ftfjvm4kp7v82", - "source": "security@apache.org", - "tags": [ - "Issue Tracking", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/10\/msg00025.html", - "source": "security@apache.org" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4480", - "sourceIdentifier": "disclosure@synopsys.com", - "published": "2023-09-05T15:15:42.883", - "lastModified": "2023-09-08T17:26:45.223", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nDue to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the application’s mime-type and file extension validation. \n\n" - }, - { - "lang": "es", - "value": "Debido a una dependencia desactualizada en el componente \"Fusion File Manager\" accesible a través del panel de administración, un atacante puede enviar una petición crafteada que le permita leer el contenido de archivos del sistema accesibles dentro de los privilegios del proceso en ejecución. Además, pueden escribir archivos en ubicaciones arbitrarias, siempre que los archivos pasen la validación de extensión de archivo y el mime-type de la aplicación." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 4.2 - }, - { - "source": "disclosure@synopsys.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 4.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - }, - { - "source": "disclosure@synopsys.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-538" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:php-fusion:phpfusion:*:*:*:*:*:*:*:*", - "versionEndIncluding": "9.10.30", - "matchCriteriaId": "593D7CFA-FF94-4476-98CF-C83A17292E94" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.synopsys.com\/blogs\/software-security\/cyrc-vulnerability-advisory-cve-2023-2453\/", - "source": "disclosure@synopsys.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36361", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T16:15:07.567", - "lastModified": "2023-09-08T16:47:42.827", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Audimexee v14.1.7 was discovered to contain a SQL injection vulnerability via the p_table_name parameter." - }, - { - "lang": "es", - "value": "Se ha descubierto que Audimexee v14.1.7 contiene una vulnerabilidad de inyección SQL a través del parámetro \"p_table_name\". " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:web-audimex:audimexee:14.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "44E11B64-AAD9-4BBD-9CAC-8FC30C9CF102" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/audimex.com", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "http:\/\/audimexee.com", - "source": "cve@mitre.org", - "tags": [ - "Broken Link" - ] - }, - { - "url": "https:\/\/gist.github.com\/Cameleon037\/40b3b6f6729d1d0984d6ce5b6837c46b", - "source": "cve@mitre.org", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41012", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T16:15:07.990", - "lastModified": "2023-09-11T17:32:47.030", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the authentication mechanism." - }, - { - "lang": "es", - "value": "Un problema en China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 permite a un atacante remoto ejecutar código arbitrario a través del mecanismo de autenticación.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-384" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:chinamobile:intelligent_home_gateway_firmware:hg6543c4:*:*:*:*:*:*:*", - "matchCriteriaId": "3E2533ED-388E-43E7-BF0B-E6BB76790671" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:chinamobile:intelligent_home_gateway:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4DB451CE-0E86-4524-8FF5-C0A3F9FAB9A2" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/te5tb99\/For-submitting\/wiki\/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4-Identity-verification-has-design-flaws", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41107", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T16:15:08.050", - "lastModified": "2023-09-11T18:15:44.003", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "TEF portal 2023-07-17 is vulnerable to a persistent cross site scripting (XSS)attack." - }, - { - "lang": "es", - "value": "El portal TEF 2023-07-17 es vulnerable a un ataque de Cross-Site Scripting (XSS) persistente. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:tef:tef_portal:2023-07-17:*:*:*:*:*:*:*", - "matchCriteriaId": "29E8FC8A-0F2E-43B3-A9C8-40C703D5BD70" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.syss.de\/fileadmin\/dokumente\/Publikationen\/Advisories\/SYSS-2023-020.txt", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.syss.de\/pentest-blog\/sicherheitsschwachstellen-im-tef-haendlerportal-syss-2023-020\/-021", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41108", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T16:15:08.110", - "lastModified": "2023-09-11T18:17:05.207", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "TEF portal 2023-07-17 is vulnerable to authenticated remote code execution." - }, - { - "lang": "es", - "value": "TEF portal 2023-07-17 es vulnerable a la ejecución remota de código autenticado." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-434" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:tef:tef_portal:2023-07-17:*:*:*:*:*:*:*", - "matchCriteriaId": "29E8FC8A-0F2E-43B3-A9C8-40C703D5BD70" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.syss.de\/fileadmin\/dokumente\/Publikationen\/Advisories\/SYSS-2023-021.txt", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.syss.de\/pentest-blog\/sicherheitsschwachstellen-im-tef-haendlerportal-syss-2023-020\/-021", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4778", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-05T16:15:08.207", - "lastModified": "2023-09-07T19:34:34.170", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Out-of-bounds Read in GitHub repository gpac\/gpac prior to 2.3-DEV." - }, - { - "lang": "es", - "value": "Lectura fuera de límites en el repositorio de GitHub gpac\/gpac anterior a la versión 2.3-DEV. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 3.4 - } - ] - }, - "weaknesses": [ - { - "source": "security@huntr.dev", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.3-dev", - "matchCriteriaId": "F76B0068-AE98-4B7C-885D-B083842F6521" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/gpac\/gpac\/commit\/d553698050af478049e1a09e44a15ac884f223ed", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/abb450fb-4ab2-49b0-90da-3d878eea5397", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-31242", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:08.517", - "lastModified": "2023-09-08T17:25:21.893", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de omisión de autenticación en la funcionalidad del motor OAS de Open Automation Software OAS Platform v18.00.0072. Una serie de solicitudes de red especialmente diseñadas pueden conducir a una autenticación arbitraria. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-284" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1769", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1769", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32271", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:08.670", - "lastModified": "2023-09-08T17:23:52.430", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de divulgación de información en la funcionalidad de gestión de configuración de OAS Engine de Open Automation Software OAS Platform v18.00.0072. Una serie de peticiones de red especialmente manipuladas puede conducir a la divulgación de información sensible. Un atacante puede enviar una secuencia de peticiones para activar esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "talos-cna@cisco.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-200" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1774", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1774", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32615", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:08.777", - "lastModified": "2023-09-08T17:23:31.060", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de escritura de archivos en la funcionalidad de configuración del motor OAS de Open Automation Software OAS Platform v18.00.0072. Una serie de solicitudes de red especialmente diseñadas pueden provocar la creación o sobrescritura de archivos arbitrarios. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.2 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-610" - } - ] - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-73" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1771", - "source": "talos-cna@cisco.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1771", - "source": "talos-cna@cisco.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34317", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:08.877", - "lastModified": "2023-09-08T17:36:00.593", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de validación de entrada inadecuada en la funcionalidad OAS Engine User Creation de Open Automation Software OAS Platform v18.00.0072. Una serie de solicitudes de red especialmente manipuladas puede generar datos inesperados en la configuración. Un atacante puede enviar una secuencia de peticiones para activar esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "talos-cna@cisco.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1772", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1772", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34353", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:08.963", - "lastModified": "2023-09-08T17:34:45.550", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de omisión de autenticación en la funcionalidad de autenticación del motor OAS de Open Automation Software OAS Platform v18.00.0072. Un rastreo de red especialmente diseñado puede conducir al descifrado de información confidencial. Un atacante puede rastrear el tráfico de la red para desencadenar esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "talos-cna@cisco.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-330" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1776", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1776", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34994", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:09.053", - "lastModified": "2023-09-08T17:33:56.593", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de asignación inadecuada de recursos en la funcionalidad de gestión de configuración OAS Engine de Open Automation Software OAS Platform v18.00.0072. Una serie de peticiones de red especialmente manipuladas puede conducir a la creación de un directorio arbitrario. Un atacante puede enviar una secuencia de peticiones para activar esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 3.1, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.6, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "talos-cna@cisco.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-770" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1773", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1773", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34998", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:09.153", - "lastModified": "2023-09-08T17:31:06.617", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de omisión de autenticación en la funcionalidad del motor OAS de Open Automation Software OAS Platform v18.00.0072. Una serie de solicitudes de red especialmente diseñadas pueden dar lugar a una autenticación arbitraria. Un atacante puede rastrear el tráfico de la red para desencadenar esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.2, - "impactScore": 5.9 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-319" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1770", - "source": "talos-cna@cisco.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1770", - "source": "talos-cna@cisco.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-35124", - "sourceIdentifier": "talos-cna@cisco.com", - "published": "2023-09-05T17:15:09.237", - "lastModified": "2023-09-08T17:28:28.417", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de divulgación de información en la funcionalidad de gestión de configuración del motor OAS de Open Automation Software OAS Platform v18.00.0072. Una serie de solicitudes de red especialmente manipuladas pueden dar lugar a la divulgación de información sensible. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "talos-cna@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.1, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.6, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "talos-cna@cisco.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-209" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*", - "matchCriteriaId": "42650183-88E5-4F14-A46F-A6215E98B081" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1775", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1775", - "source": "talos-cna@cisco.com", - "tags": [ - "Exploit", - "Technical Description", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3374", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T17:15:09.400", - "lastModified": "2023-09-08T14:15:21.053", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation.This issue affects Bookreen: before 3.0.0.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad \"Incomplete List of Disallowed Inputs\" en Unisign Bookreen permite la escalada de privilegios: Este problema afecta a Bookreen: anterior a 3.0.0." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - }, - { - "source": "iletisim@usom.gov.tr", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-184" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*", - "versionEndExcluding": "3.0.0", - "matchCriteriaId": "CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0489", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3375", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T17:15:09.497", - "lastModified": "2023-11-02T01:45:00.120", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.\n\n" - }, - { - "lang": "es", - "value": "La vulnerabilidad de carga de archivos sin restricciones con tipo peligroso en Unisign Bookreen permite la inyección de comandos en el sistema operativo. Este problema afecta a Bookreen anterior a la versión 3.0.0. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-434" - } - ] - }, - { - "source": "iletisim@usom.gov.tr", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-434" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*", - "versionEndExcluding": "3.0.0", - "matchCriteriaId": "CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0489", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2015-1390", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:07.797", - "lastModified": "2023-09-08T14:26:50.920", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator." - }, - { - "lang": "es", - "value": "Aruba AirWave anterior a 8.0.7 permite ataques XSS contra un administrador." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.0.0.0", - "versionEndExcluding": "8.0.7", - "matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.arubanetworks.com\/assets\/alert\/ARUBA-PSA-2015-005.txt", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2015-1391", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:07.997", - "lastModified": "2023-09-08T14:26:44.737", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism." - }, - { - "lang": "es", - "value": "Aruba AirWave antes de la versión 8.0.7 permite eludir un mecanismo de protección CSRF. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.0.0.0", - "versionEndExcluding": "8.0.7", - "matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.arubanetworks.com\/assets\/alert\/ARUBA-PSA-2015-005.txt", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2015-2201", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:08.177", - "lastModified": "2023-09-08T18:55:29.563", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users." - }, - { - "lang": "es", - "value": "Aruba AirWave anterior a 7.7.14.2 y 8.x y anterior a 8.0.7 permite la ejecución remota de comandos del sistema operativo VisualRF y la divulgación de archivos por parte de usuarios administrativos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:arubanetworks:airwave:*:*:*:*:*:*:*:*", - "versionStartIncluding": "7.0.0", - "versionEndExcluding": "7.7.14.2", - "matchCriteriaId": "EDF36441-2D75-41BC-99A6-5AFC8B770FA3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.0.0.0", - "versionEndExcluding": "8.0.7", - "matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.arubanetworks.com\/assets\/alert\/ARUBA-PSA-2015-005.txt", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2015-2202", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:08.357", - "lastModified": "2023-09-08T18:57:27.627", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS." - }, - { - "lang": "es", - "value": "Aruba AirWave antes de las versiones 7.7.14.2 y 8.x antes de 8.0.7 permite a los usuarios administrativos escalar privilegios a root en el sistema operativo subyacente. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:arubanetworks:airwave:*:*:*:*:*:*:*:*", - "versionStartIncluding": "7.0.0", - "versionEndExcluding": "7.7.14.2", - "matchCriteriaId": "EDF36441-2D75-41BC-99A6-5AFC8B770FA3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.0.0.0", - "versionEndExcluding": "8.0.7", - "matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.arubanetworks.com\/assets\/alert\/ARUBA-PSA-2015-005.txt", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2017-9453", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:08.537", - "lastModified": "2023-09-09T03:52:16.183", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass." - }, - { - "lang": "es", - "value": "BMC Server Automation anterior a 8.9.01 parche 1 permite la ejecución del comando Process Spawner debido a la omisión de autenticación." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "cve@mitre.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.0, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 2.2, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:bmc:server_automation:*:*:*:*:*:*:*:*", - "versionEndIncluding": "8.9.01", - "matchCriteriaId": "4329258C-D507-4BFE-A99C-46B6BB2047C8" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/docs.bmc.com\/docs\/serverautomation\/2002\/notification-of-critical-security-issue-in-bmc-server-automation-cve-2017-9453-1020706453.html", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-35065", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T18:15:10.067", - "lastModified": "2023-09-11T18:30:59.393", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Osoft Paint Production Management allows SQL Injection.This issue affects Paint Production Management: before 2.1.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad en Osoft Paint Production Management de neutralización inadecuada de elementos especiales utilizados en un comando SQL permite inyección SQL. Este problema afecta a Paint Production Management anterior a la versión 2.1." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:osoft:dyeing_-_printing_-_finishing_production_management:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.1", - "matchCriteriaId": "01732BFD-FD5F-4610-8A10-28463DEA50FC" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0490", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-35068", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T18:15:10.327", - "lastModified": "2023-09-11T18:33:00.077", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BMA Personnel Tracking System allows SQL Injection.This issue affects Personnel Tracking System: before 20230904.\n\n" - }, - { - "lang": "es", - "value": "La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en BMA Personnel Tracking System permite la inyección SQL. Este problema afecta al Personnel Tracking System: antes de 20230904." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:bma:personnel_tracking_system:*:*:*:*:*:*:*:*", - "versionEndExcluding": "20230904", - "matchCriteriaId": "285505CA-F529-496A-A791-1A390035AE4B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0491", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-35072", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T18:15:10.507", - "lastModified": "2023-09-11T18:38:17.503", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Coyav Travel Proagent allows SQL Injection.This issue affects Proagent: before 20230904 .\n\n" - }, - { - "lang": "es", - "value": "Se ha encontrado una vulnerabilidad de neutralización inadecuada de elementos especiales utilizados en un comando SQL en Coyav Travel Proagent que permite la inyección SQL. Este problema afecta a Proagent: antes de la versión 20230904. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:coyavtravel:proagent:*:*:*:*:*:*:*:*", - "versionEndExcluding": "20230904", - "matchCriteriaId": "9F84B6E8-C243-4488-9244-6D6D7F181338" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0492", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39598", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:10.900", - "lastModified": "2023-11-07T04:17:33.097", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cross Site Scripting vulnerability in IceWarp Corporation WebClient v.10.2.1 allows a remote attacker to execute arbitrary code via a crafted payload to the mid parameter." - }, - { - "lang": "es", - "value": "La vulnerabilidad de Cross Site Scripting en WebClient v.10.2.1 de IceWarp Corporation permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado hasta el parámetro mid." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:icewarp:webclient:10.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "4079A278-C269-46FF-8610-3516CB112401" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/medium.com\/%40muthumohanprasath.r\/reflected-cross-site-scripting-on-icewarp-webclient-product-cve-2023-39598-9598b92da49c", - "source": "cve@mitre.org" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39681", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:11.027", - "lastModified": "2023-09-08T14:16:00.450", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at \/Configuration.php. This vulnerability is triggered via a crafted payload." - }, - { - "lang": "es", - "value": "Se descubrió que Cuppa CMS v1.0 contiene una vulnerabilidad de ejecución remota de código (RCE) a través del parámetro \"email_outgoing parameter at \/Configuration.php\". Esta vulnerabilidad se activa a través de un payload manipulado. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-94" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "983E1279-93C7-47D9-9AC8-EFB6D57B92E7" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/yanbochen97\/CuppaCMS_RCE", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3616", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T18:15:11.150", - "lastModified": "2023-09-08T14:15:50.723", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mava Software Hotel Management System allows SQL Injection.This issue affects Hotel Management System: before 2.0.\n\n" - }, - { - "lang": "es", - "value": "Se ha encontrado una vulnerabilidad de neutralización inadecuada de elementos especiales utilizados en un comando SQL en Mava Software Hotel Management System que permite la inyección SQL. Este problema afecta a Hotel Management System antes de la versión 2.0. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "iletisim@usom.gov.tr", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mava:hotel_management_system:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.0", - "matchCriteriaId": "F970B6B3-9043-4B71-B5BD-46C931DBF608" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0493", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40918", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T18:15:11.317", - "lastModified": "2023-09-08T14:26:06.590", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a new user with an admin role." - }, - { - "lang": "es", - "value": "KnowStreaming v3.3.0 es vulnerable a la escalada de privilegios. Los usuarios no autorizados pueden crear un nuevo usuario con un rol de administrador. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:knowstreaming_project:knowstreaming:3.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E4F7FED8-1125-4851-AC50-8EAC3290E77C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/didi\/KnowStreaming\/issues\/1128", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Issue Tracking", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2020-35593", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T19:15:48.407", - "lastModified": "2023-09-09T03:52:06.067", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host." - }, - { - "lang": "es", - "value": "BMC PATROL Agent hasta 20.08.00 permite la escalada de privilegios locales a través de vectores que involucran pconfig +RESTART -host." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:bmc:patrol_agent:*:*:*:*:*:*:*:*", - "versionEndIncluding": "20.08.00", - "matchCriteriaId": "6AACBC70-7C50-48B4-8118-733AC2D6828D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/web.archive.org\/web\/20210106175128\/https:\/\/community.bmc.com\/s\/article\/SECURITY-Patrol-Agent-Local-Privilege-Escalation-in-BMC-PATROL-Agent-CVE-2020-35593", - "source": "cve@mitre.org", - "tags": [ - "Broken Link" - ] - }, - { - "url": "https:\/\/community.bmc.com\/s\/article\/SECURITY-Patrol-Agent-Local-Privilege-Escalation-in-BMC-PATROL-Agent-CVE-2020-35593", - "source": "cve@mitre.org", - "tags": [ - "Broken Link" - ] - }, - { - "url": "https:\/\/webapps.bmc.com\/support\/faces\/az\/prodallversions.jsp?seqid=304517", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.securifera.com\/advisories\/", - "source": "cve@mitre.org", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.securifera.com\/blog\/2021\/03\/08\/bmc-patrol-agent-domain-user-to-domain-admin-part-2\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-40546", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T19:15:48.523", - "lastModified": "2023-09-07T19:37:58.750", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to \/goform\/setWifi." - }, - { - "lang": "es", - "value": "Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin permite a atacantes (que tienen la contraseña de administrador) provocar una denegación de servicio (caída del dispositivo) a través de una cadena larga en el parámetro wifiPwd_5G en \/goform\/setWifi." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-404" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tenda:ac6:4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B5A1AA92-23DD-498F-A511-436C6F17CD5B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tenda:ac6_firmware:02.03.01.26:*:*:*:*:*:*:*", - "matchCriteriaId": "D733507C-6176-4C5E-8DBF-7FBD9533327E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/doudoudedi\/buffer_overflow\/blob\/main\/Tenda%20AC6%20V4.0-Denial%20of%20Service%20Vulnerability.md", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41317", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T19:15:48.610", - "lastModified": "2023-09-08T16:49:51.803", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are enabled. It can be triggered when **all of the following conditions are met**: 1. Running Apollo Router v1.28.0, v1.28.1 or v1.29.0 (\"impacted versions\"); **and** 2. The Supergraph schema provided to the Router (either via Apollo Uplink or explicitly via other configuration) **has a `subscription` type** with root-fields defined; **and** 3. The YAML configuration provided to the Router **has subscriptions enabled** (they are _disabled_ by default), either by setting `enabled: true` _or_ by setting a valid `mode` within the `subscriptions` object (as seen in [subscriptions' documentation](https:\/\/www.apollographql.com\/docs\/router\/executing-operations\/subscription-support\/#router-setup)); **and** 4. An [anonymous](https:\/\/spec.graphql.org\/draft\/#sec-Anonymous-Operation-Definitions) (i.e., un-named) `subscription` operation (e.g., `subscription { ... }`) is received by the Router If **all four** of these criteria are met, the impacted versions will panic and terminate. There is no data-privacy risk or sensitive-information exposure aspect to this vulnerability. This is fixed in Apollo Router v1.29.1. Users are advised to upgrade. Updating to v1.29.1 should be a clear and simple upgrade path for those running impacted versions. However, if Subscriptions are **not** necessary for your Graph – but are enabled via configuration — then disabling subscriptions is another option to mitigate the risk." - }, - { - "lang": "es", - "value": "El Apollo Router es un router gráfico configurable y de alto rendimiento escrito en Rust para ejecutar un supergrafo federado que utiliza Apollo Federation 2. Las versiones afectadas están sujetas a una vulnerabilidad de tipo Denegación de Servicio (DoS) que hace que el Router entre en pánico y termine cuando GraphQL Subscriptions está habilitado. Puede activarse cuando **se cumplen todas las condiciones siguientes**: 1. Se ejecuta Apollo Router v1.28.0, v1.28.1 o v1.29.0 (versiones impactadas); **y** 2. El esquema Supergraph proporcionado al router (ya sea a través de Apollo Uplink o explícitamente a través de otra configuración) **tiene un tipo \"subscription\"** con campos raíz definidos; **y** 3. La configuración YAML proporcionado al router **tiene las suscripciones habilitadas** (están _disabled_ por defecto), ya sea estableciendo \"enabled: true\" o estableciendo un \"mode\" válido dentro del objeto \"subscriptions\" (como se ve en [subscriptions' documentation](https:\/\/www. apollographql.com\/docs\/router\/executing-operations\/subscription-support\/#router-setup)); **y** 4. Una operación de \"suscripción\" [anónima] (https:\/\/spec.graphql.org\/draft\/#sec-Anonymous-Operation-Definitions) (es decir, (es decir, sin nombre)(por ejemplo, `subscription { ... }`) es recibido por el Router. Si se cumplen **los cuatro** de estos criterios, las versiones afectadas entrarán en pánico y terminarán. Esta vulnerabilidad no supone ningún riesgo para la privacidad de los datos o la exposición de información sensible. Esto se ha solucionado en Apollo Router v1.29.1. Se recomienda a los usuarios que actualicen. La actualización a la v1.29.1 debería ser una ruta de actualización clara y sencilla para aquellos que utilicen las versiones afectadas. Sin embargo, si las Suscripciones **no** son necesarias para su Gráfico - pero están habilitadas a través de la configuración - entonces deshabilitar las suscripciones es otra opción para mitigar el riesgo. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.2, - "impactScore": 3.6 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-755" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apollographql:apollo_router:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.28.0", - "versionEndExcluding": "1.29.1", - "matchCriteriaId": "E16E7795-17A4-44E0-8F0C-0BB23693EBF5" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/apollographql\/router\/commit\/b295c103dd86c57c848397d32e8094edfa8502aa", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/apollographql\/router\/releases\/tag\/v1.29.1", - "source": "security-advisories@github.com", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/github.com\/apollographql\/router\/security\/advisories\/GHSA-w8vq-3hf9-xppx", - "source": "security-advisories@github.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4034", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T19:15:48.713", - "lastModified": "2023-09-08T16:50:53.187", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digita Information Technology Smartrise Document Management System allows SQL Injection.This issue affects Smartrise Document Management System: before Hvl-2.0.\n\n" - }, - { - "lang": "es", - "value": "La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en Digita Information Technology Smartrise Document Management System permite la inyección SQL. Este problema afecta al Smartrise Document Management System: anterior a Hvl-2.0." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:digitatek:smartrise_document_management_system:*:*:*:*:*:*:*:*", - "versionEndExcluding": "hvl-2.0", - "matchCriteriaId": "DA537C2D-1B59-4466-9103-48ADD5E29443" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0494", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4178", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T19:15:48.820", - "lastModified": "2023-11-04T01:52:20.423", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass.This issue affects Neutron Smart VMS: before b1130.1.0.1.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad de omisión de autenticación por suplantación en Neutron Smart VMS permite eludir la autenticación. Este problema afecta a Neutron Smart VMS antes de la versión b1130.1.0.1." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-290" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:neutron:smart_vms:*:*:*:*:*:*:*:*", - "versionEndExcluding": "b1130.1.0.1", - "matchCriteriaId": "33DAA2CD-9A97-4A1D-8409-C5EEFF309AA4" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0496", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4531", - "sourceIdentifier": "iletisim@usom.gov.tr", - "published": "2023-09-05T19:15:48.923", - "lastModified": "2023-09-08T16:51:00.220", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mestav Software E-commerce Software allows SQL Injection.This issue affects E-commerce Software: before 20230901 .\n\n" - }, - { - "lang": "es", - "value": "Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en Mestav Software. El software de comercio electrónico permite la inyección de SQL. Este problema afecta al software de comercio electrónico: antes de 20230901." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "iletisim@usom.gov.tr", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mestav:e-commerce_software:*:*:*:*:*:*:*:*", - "versionEndExcluding": "20230901", - "matchCriteriaId": "B426D6C1-CBE2-4421-9CE3-FBD0AC3F63E4" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.usom.gov.tr\/bildirim\/tr-23-0495", - "source": "iletisim@usom.gov.tr", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4781", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-05T19:15:49.207", - "lastModified": "2024-02-01T17:57:10.180", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Heap-based Buffer Overflow in GitHub repository vim\/vim prior to 9.0.1873." - }, - { - "lang": "es", - "value": "Desbordamiento de búfer basado en el heap en el repositorio de GitHub vim\/vim anterior a la versión 9.0.1873. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security@huntr.dev", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-122" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.0.1873", - "matchCriteriaId": "804D6AB3-048C-483C-B38A-48A8A9104D3A" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", - "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "14.1", - "matchCriteriaId": "2BB2BFC1-74A1-4178-8488-69EC5A60B34F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/seclists.org\/fulldisclosure\/2023\/Oct\/24", - "source": "security@huntr.dev", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/vim\/vim\/commit\/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/c867eb0a-aa8b-4946-a621-510350673883", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/09\/msg00035.html", - "source": "security@huntr.dev", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213984", - "source": "security@huntr.dev", - "tags": [ - "Release Notes", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2020-10128", - "sourceIdentifier": "cret@cert.org", - "published": "2023-09-05T20:15:07.543", - "lastModified": "2023-11-07T03:14:06.507", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "SearchBlox product with version before 9.2.1 is vulnerable to stored cross-site scripting at multiple user input parameters. In SearchBlox products multiple parameters are not sanitized\/validate properly which allows an attacker to inject malicious JavaScript." - }, - { - "lang": "es", - "value": "El producto SearchBlox con versión anterior a la 9.2.1 es vulnerable a Cross-Site Scripting almacenado en múltiples parámetros de entrada del usuario. En los productos SearchBlox, varios parámetros no se sanitizan\/validan correctamente, lo que permite a un atacante inyectar JavaScript malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.2.1", - "matchCriteriaId": "5D41ADDB-3434-439B-9BE0-A72BE913E22D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/developer.searchblox.com\/v9.2\/changelog\/version-921", - "source": "cret@cert.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39654", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T20:15:07.883", - "lastModified": "2023-09-08T16:51:31.110", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "abupy up to v0.4.0 was discovered to contain a SQL injection vulnerability via the component abupy.MarketBu.ABuSymbol.search_to_symbol_dict." - }, - { - "lang": "es", - "value": "Se ha descubierto que abupy hasta la versión 0.4.0 contiene una vulnerabilidad de inyección SQL a través del componente \"abupy.MarketBu.ABuSymbol.search_to_symbol_dict\"." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:abuquant:abupy:*:*:*:*:*:*:*:*", - "versionEndIncluding": "0.4.0", - "matchCriteriaId": "E3445A7B-23F1-457E-AD33-BB4F382690BC" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Leeyangee\/leeya_bug\/blob\/main\/%5BWarning%5DSQL%20Injection%20in%20abupy%20%3C=%20v0.4.0.md", - "source": "cve@mitre.org", - "tags": [ - "Exploit" - ] - }, - { - "url": "https:\/\/github.com\/bbfamily\/abu", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41009", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T20:15:07.937", - "lastModified": "2023-09-08T16:51:19.520", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de carga de archivos en adlered bolo-solo v2.6 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el campo de autorización de la cabecera. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-434" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adlered:bolo-solo:2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "4DDEA408-2849-4AC1-AF15-0B94BEA8B7F3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/adlered.com", - "source": "cve@mitre.org", - "tags": [ - "Broken Link" - ] - }, - { - "url": "https:\/\/github.com\/Rabb1tQ\/HillstoneCVEs\/blob\/main\/CVE-2023-41009\/CVE-2023-41009.md", - "source": "cve@mitre.org", - "tags": [ - "Exploit" - ] - }, - { - "url": "https:\/\/github.com\/adlered\/bolo-solo", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39359", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:46.143", - "lastModified": "2023-11-09T05:15:09.757", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `graphs.php` file. When dealing with the cases of ajax_hosts and ajax_hosts_noany, if the `site_id` parameter is greater than 0, it is directly reflected in the WHERE clause of the SQL statement. This creates an SQL injection vulnerability. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Se ha descubierto una vulnerabilidad de inyección SQL autenticada que permite a los usuarios autenticados realizar escalada de privilegios y ejecución remota de código. La vulnerabilidad reside en el archivo `graphs.php`. Cuando se trata de los casos de ajax_hosts y ajax_hosts_noany, si el parámetro `site_id` es mayor a 0, se refleja directamente en la cláusula WHERE de la declaración SQL. This creates an SQL injection vulnerability. Esto crea una vulnerabilidad de inyección SQL. Este problema se solucionó en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-q4wh-3f9w-836h", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39360", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:46.800", - "lastModified": "2024-03-18T20:15:07.390", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework.Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data. The vulnerability is found in `graphs_new.php`. Several validations are performed, but the `returnto` parameter is directly passed to `form_save_button`. In order to bypass this validation, returnto must contain `host.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." - }, - { - "lang": "es", - "value": "Cacti es un framework operacional de monitorización y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar datos. La vulnerabilidad se encuentra en \"graphs_new.php\". Se realizan varias validaciones, pero el parámetro \"returnto\" se pasa directamente a \"form_save_button\". Para evitar esta validación, returnto debe contener \"host.php\". Esta vulnerabilidad se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deberán filtrar manualmente la salida HTML. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", - "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-gx8c-xvjh-9qh4", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39361", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:46.880", - "lastModified": "2024-03-18T20:15:07.513", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una inyección SQL descubierta en graph_view.php. Desde que los usuarios invitados pueden acceder a graph_view.php sin autenticación por defecto, si los usuarios invitados están siendo utilizados en un estado habilitado, podrían potencialmente producir daños importantes. Los atacantes pueden explotar esta vulnerabilidad, y puede haber posibilidades de acciones tales como la usurpación de privilegios administrativos o la ejecución remota de código. Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", - "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-6r43-q2fw-5wrg", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39366", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:46.963", - "lastModified": "2023-11-09T05:15:10.317", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The `data_sources.php` script displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. \nCENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration>Sites\/Devices\/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http:\/\/\/cacti\/host.php`, while the rendered malicious payload is exhibited at `http:\/\/\/cacti\/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." - }, - { - "lang": "es", - "value": "Cacti es un marco de monitorización operativa y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de cacti. Estos datos serán vistos por las cuentas administrativas de cacti y ejecutarán código JavaScript en el navegador de la víctima en tiempo de visualización. El script \"data_sources.php\" muestra la información de gestión de la fuente de datos (por ejemplo, ruta de la fuente de datos, configuración de sonde, etc) para diferentes visualizaciones de datos de la aplicación cacti. CENSUS descubrió que un adversario que es capaz de configurar un nombre de dispositivo malicioso, puede desplegar un ataque de XSS almacenado contra cualquier usuario con los mismos privilegios (o más amplios). Un usuario que posea los permisos de Administración General-Sitios\/Dispositivos\/Datos puede configurar los nombres de los dispositivos en cacti. Esta configuración se produce a través de \"http:\/\/\/cacti\/host.php\", mientras que el payload malicioso renderizado se exhibe en \"http:\/\/\/cacti\/data_sources.php\". Esta vulnerabilidad se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deberán filtrar manualmente la salida HTML. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.2.0", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "1546DD7A-F54C-4DFB-A3D3-21D61D9BF538" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-rwhh-xxm6-vcrv", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39510", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:47.047", - "lastModified": "2023-11-09T05:15:10.427", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The`reports_admin.php` script displays reporting information about graphs, devices, data sources etc.\nCENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration>Sites\/Devices\/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http:\/\/\/cacti\/host.php`, while the rendered malicious payload is exhibited at `http:\/\/\/cacti\/reports_admin.php` when the a graph with the maliciously altered device name is linked to the report. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativo y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de _cacti_. Estos datos serán vistos por las cuentas administrativas de _cacti_ y ejecutarán código JavaScript en el navegador de la víctima en tiempo de visualización. El script `reports_admin.php` muestra información de informes sobre gráficos, dispositivos, fuentes de datos, etc.CENSUS descubrió que un adversario que puede configurar un nombre de dispositivo malicioso puede implementar un ataque XSS almacenado contra cualquier usuario con los mismos (o más amplios) privilegios.Un usuario que posee los permisos _Administración general>Sitios\/Dispositivos\/Datos_ puede configurar los nombres de los dispositivos en _cacti_. Esta configuración se produce a través de `http:\/\/\/cacti\/host.php`, mientras que la carga útil maliciosa representada se exhibe en `http:\/\/\/cacti\/reports_admin.php` cuando se muestra un gráfico con el contenido malicioso. El nombre del dispositivo modificado está vinculado al informe. Esta vulnerabilidad se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-24w4-4hp2-3j8h", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39512", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:47.127", - "lastModified": "2023-11-09T05:15:10.527", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration, device name related to the datasource etc.) for different data visualizations of the _cacti_ app. _CENSUS_ found that an adversary that is able to configure a malicious device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration>Sites\/Devices\/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http:\/\/\/cacti\/host.php`, while the rendered malicious payload is exhibited at `http:\/\/\/cacti\/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativo y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de _cacti_. Estos datos serán vistos por las cuentas administrativas de _cacti_ y ejecutarán código JavaScript en el navegador de la víctima en tiempo de visualización. El script bajo \"data_sources.php\" muestra la información de gestión de la fuente de datos (por ejemplo, ruta de la fuente de datos, configuración de sondeo, nombre del dispositivo relacionado con la fuente de datos, etc.) para diferentes visualizaciones de datos de la aplicación _cacti_. _CENSUS_ descubrió que un adversario que es capaz de configurar un nombre de dispositivo malicioso, puede desplegar un ataque de XSS almacenado contra cualquier usuario con los mismos privilegios (o más amplios). Un usuario que posea los permisos de _Administración General - Sitios\/Dispositivos\/Datos_ puede configurar los nombres de los dispositivos en _cacti_. Esta configuración se produce a través de \"http:\/\/\/cacti\/host.php\", mientras que el payload malicioso renderizado se exhibe en \"http:\/\/\/cacti\/data_sources.php\". Esta vulnerabilidad se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deberán filtrar manualmente la salida HTML." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-vqcc-5v63-g9q7", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39513", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:47.213", - "lastModified": "2024-03-18T20:15:07.950", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `host.php` is used to monitor and manage hosts in the _cacti_ app, hence displays useful information such as data queries and verbose logs. _CENSUS_ found that an adversary that is able to configure a data-query template with malicious code appended in the template path, in order to deploy a stored XSS attack against any user with the _General Administration>Sites\/Devices\/Data_ privileges. A user that possesses the _Template Editor>Data Queries_ permissions can configure the data query template path in _cacti_. Please note that such a user may be a low privileged user. This configuration occurs through `http:\/\/\/cacti\/data_queries.php` by editing an existing or adding a new data query template. If a template is linked to a device then the formatted template path will be rendered in the device's management page, when a _verbose data query_ is requested. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti. Estos datos serán visualizados por las cuentas administrativas de cacti y ejecutarán código JavaScript en el navegador de la víctima en tiempo de visualización. El script bajo `host.php` se utiliza para monitorear y administrar hosts en la aplicación _cacti_, por lo que muestra información útil, como consultas de datos y registros detallados._CENSUS_ descubrió que un adversario es capaz de configurar una plantilla de consulta de datos con código malicioso añadido en la ruta de la plantilla, para implementar un ataque XSS almacenado contra cualquier usuario con privilegios de _Administración general>Sitios\/Dispositivos\/Datos_. Un usuario que posee los permisos _Editor de plantillas>Consultas de datos_ puede configurar la ruta de la plantilla de consulta de datos en _cacti_.Tenga en cuenta que dicho usuario puede ser un usuario con pocos privilegios. Esta configuración se produce a través de `http:\/\/\/cacti\/data_queries.php` editando una plantilla de consulta de datos existente o agregando una nueva. Si una plantilla está vinculada a un dispositivo, la ruta de la plantilla formateada se mostrará en la página de administración del dispositivo, cuando se solicite una _consulta de datos detallada_. Esta vulnerabilidad se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-9fj7-8f2j-2rw2", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39514", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:47.297", - "lastModified": "2023-11-09T05:15:10.750", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `graphs.php` displays graph details such as data-source paths, data template information and graph related fields. _CENSUS_ found that an adversary that is able to configure either a data-source template with malicious code appended in the data-source name or a device with a malicious payload injected in the device name, may deploy a stored XSS attack against any user with _General Administration>Graphs_ privileges. A user that possesses the _Template Editor>Data Templates_ permissions can configure the data-source name in _cacti_. Please note that this may be a _low privileged_ user. This configuration occurs through `http:\/\/\/cacti\/data_templates.php` by editing an existing or adding a new data template. If a template is linked to a graph then the formatted template name will be rendered in the graph's management page. A user that possesses the _General Administration>Sites\/Devices\/Data_ permissions can configure the device name in _cacti_. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should add manual HTML escaping.\n" - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti. Estos datos serán visualizados por las cuentas administrativas de cacti y ejecutarán código JavaScript en el navegador de la víctima en tiempo de visualización. El script bajo \"graphs.php\" muestra detalles del gráfico como rutas de origen de datos, información de la plantilla de datos y campos relacionados con el gráfico _CENSUS_ descubrió que un adversario que es capaz de configurar una plantilla de fuente de datos con código malicioso añadido en el nombre de la fuente de datos o un dispositivo con una carga maliciosa inyectada en el nombre del dispositivo, puede desplegar un ataque XSS almacenado contra cualquier usuario con privilegios de Administración General - Gráficos. Un usuario que posea los permisos de Editor de plantillas - Plantilla de datos puede configurar el nombre de la fuente de datos en cacti. Tenga en cuenta que puede tratarse de un usuario con privilegios bajos. Esta configuración se realiza a través de \"http:\/\/\/cacti\/data_templates.php\" editando una plantilla de datos existente o añadiendo una nueva. Si una plantilla está vinculada a un gráfico, el nombre formateado de la plantilla se mostrará en la página de gestión del gráfico. Un usuario que posea los permisos Administración General - Sitios\/Dispositivos\/Datos puede configurar el nombre del dispositivos en cacti. Esta vulnerabilidad se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que la actualicen. Los usuarios que no puedan actualizar deberán añadir manualmente el escape HTML. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-6hrc-2cfc-8hm7", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39515", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T21:15:47.387", - "lastModified": "2024-03-18T20:15:08.063", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_debug.php` displays data source related debugging information such as _data source paths, polling settings, meta-data on the data source_. _CENSUS_ found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user that has privileges related to viewing the `data_debug.php` information. A user that possesses the _General Administration>Sites\/Devices\/Data_ permissions can configure the data source path in _cacti_. This configuration occurs through `http:\/\/\/cacti\/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti.Estos datos serán visualizados por las cuentas administrativas de cacti y ejecutarán código JavaScript en el navegador de la víctima en tiempo de visualización. El script bajo `data_debug.php`muestra información de depuración relacionada con la fuente de datos, como _rutas de la fuente de datos, configuraciones de sondeo y metadatos en la fuente de datos_._CENSUS_ descubrió que un adversario que es capaz de configurar una ruta de fuente de datos maliciosa, puede implementar un ataque XSS almacenado contra cualquier usuario que tenga privilegios relacionados con la visualización de la información `data_debug.php`.Un usuario que posee los permisos _Administración general>Sitios\/Dispositivos\/Datos_ puede configurar la ruta de la fuente de datos en _cacti_. Esta configuración se produce a través de `http:\/\/\/cacti\/data_sources.php`. Esta vulnerabilidad se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-hrg9-qqqx-wc4h", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41508", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T21:15:47.483", - "lastModified": "2023-09-11T18:53:12.833", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel." - }, - { - "lang": "es", - "value": "Una contraseña incrustada en Super Store Finder v3.6 permite a los atacantes acceder al panel de administración. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-798" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:superstorefinder:super_store_finder:3.6:*:*:*:*:-:*:*", - "matchCriteriaId": "CFD2140D-96EB-4B60-8BEE-AE439992F5AA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/redblueteam\/CVE-2023-41508\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/superstorefinder.net\/support\/forums\/topic\/super-store-finder-patch-notes\/", - "source": "cve@mitre.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4310", - "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725", - "published": "2023-09-05T21:15:47.537", - "lastModified": "2023-11-07T04:22:27.147", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user. This issue is fixed in version 23.2.3.\n" - }, - { - "lang": "es", - "value": "BeyondTrust Privileged Remote Access (PRA) y Remote Support (RS) versiones 23.2.1 y 23.2.2 contienen una vulnerabilidad de inyección de comandos que puede explotarse mediante una solicitud HTTP maliciosa. La explotación exitosa de esta vulnerabilidad puede permitir que un atacante remoto no autenticado ejecute comandos del sistema operativo subyacente dentro del contexto del usuario del sitio. Este problema se solucionó en la versión 23.2.3.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-77" - } - ] - }, - { - "source": "9119a7d8-5eab-497f-8521-727c672e3725", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-77" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:beyondtrust:privileged_remote_access:23.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "402E7658-AAFA-41FF-A4E1-1DF4FD845BC3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:beyondtrust:privileged_remote_access:23.2.2:*:*:*:*:*:*:*", - "matchCriteriaId": "3366D2EE-532C-4741-B32A-575E8B1A9AF3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:beyondtrust:remote_support:23.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "FABCD6F1-8D5A-4373-83B5-9DDE81331343" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:beyondtrust:remote_support:23.2.2:*:*:*:*:*:*:*", - "matchCriteriaId": "5E495D6D-7D56-41E6-B62A-0081AD9146BD" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/beyondtrustcorp.service-now.com\/csm?id=kb_article_view&sysparm_article=KB0020207", - "source": "9119a7d8-5eab-497f-8521-727c672e3725" - }, - { - "url": "https:\/\/www.beyondtrust.com\/blog\/entry\/security-update-for-remote-support-and-privileged-remote-access", - "source": "9119a7d8-5eab-497f-8521-727c672e3725" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30534", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:08.240", - "lastModified": "2023-11-03T21:15:13.993", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a “safe” deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn’t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" - }, - { - "lang": "es", - "value": "Cacti es un framework de gestión de fallas y monitoreo operativo de código abierto. Hay dos casos de deserialización insegura en la versión 1.2.24 de Cacti. Mientras exista una cadena viable de gadgets en el directorio Cacti’s vendor (phpseclib), los gadgets necesarios no están incluidos, lo que los hace inaccesibles y las deserializaciones inseguras no son explotables. Cada caso de deserialización insegura se debe al uso de la función unserialize sin sanear la entrada del usuario. Cacti tiene una deserialización “segura” que intenta sanitizar el contenido y verificar valores específicos antes de llamar a unserialize, pero no se usa en estos casos.El código vulnerable se encuentra en graphs_new.php, específicamente dentro de la función host_new_graphs_save. Este problema se solucionó en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-77rf-774j-6h3p", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.fastly.com\/blog\/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25", - "source": "security-advisories@github.com", - "tags": [ - "Exploit" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-31132", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:08.487", - "lastModified": "2023-11-03T21:15:14.103", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document directory. The user can then execute the PHP files under the security context of SYSTEM. This allows an attacker to escalate privilege from a normal user account to SYSTEM. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de escalada de privilegios. Un usuario del sistema operativo con pocos privilegios y acceso a un host Windows en el que esté instalado Cacti puede crear archivos PHP arbitrarios en un directorio de documentos web. El usuario puede entonces ejecutar los archivos PHP bajo el contexto de seguridad de SYSTEM. Esto permite a un atacante escalar privilegios desde una cuenta de usuario normal a SYSTEM. Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios actualizar. No se conocen soluciones para esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-306" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-rf5w-pq3f-9876", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34637", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T22:15:08.577", - "lastModified": "2023-09-11T16:54:19.023", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A stored cross-site scripting (XSS) vulnerability in IsarNet AG IsarFlow v5.23 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the dashboard title parameter in the IsarFlow Portal." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de cross-site scripting (XSS) almacenada en IsarNet AG IsarFlow v5.23 permite a los atacantes autenticados ejecutar scripts web arbitrarios o HTML mediante la inyección de un payload manipulado en el parámetro de título del panel en el Portal IsarFlow." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:isarnet:isarflow:*:*:*:*:*:*:*:*", - "versionEndIncluding": "5.23", - "matchCriteriaId": "0A5CB77C-166D-41F0-8EB3-98252D7B009C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.mgm-sp.com\/en\/isarflow-xss-vulnerability\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39357", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:08.637", - "lastModified": "2024-03-18T20:15:07.207", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. A defect in the sql_save function was discovered. When the column type is numeric, the sql_save function directly utilizes user input. Many files and functions calling the sql_save function do not perform prior validation of user input, leading to the existence of multiple SQL injection vulnerabilities in Cacti. This allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Cacti es un framework de código abierto de monitorización operativa y gestión de fallos. Se ha descubierto un defecto en la función \"sql_save\". Cuando el tipo de columna es numérico, la función \"sql_save\" utiliza directamente la entrada del usuario. Muchos archivos y funciones que llaman a la función \"sql_save\" no realizan una validación previa de la entrada del usuario, lo que provoca la existencia de múltiples vulnerabilidades de inyección SQL en Cacti. Esto permite a los usuarios autenticados explotar estas vulnerabilidades de inyección SQL para llevar a cabo la escalada de privilegios ejecución remota de código. Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen solucionas para esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - }, - { - "lang": "en", - "value": "CWE-89" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", - "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-6jhp-mgqg-fhqg", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39358", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:08.733", - "lastModified": "2023-11-03T21:15:14.300", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `reports_user.php` file. In `ajax_get_branches`, the `tree_id` parameter is passed to the `reports_get_branch_select` function without any validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Se descubrió una vulnerabilidad de inyección SQL autenticada que permite a los usuarios autenticados realizar una escalada de privilegios y la ejecución remota de código. La vulnerabilidad reside en el archivo `reports_user.php`. En `ajax_get_branches` el parámetro `tree_id` pasa por la función `reports_get_branch_select` sin ninguna validación.Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-gj95-7xr8-9p7g", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39362", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:08.817", - "lastModified": "2024-03-18T20:15:07.610", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib\/snmp.php` file has a set of functions, with similar behavior, that accept in input some variables and place them into an `exec` call without a proper escape or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operacional y gestión de fallos de código abierto. En Cacti v1.2.24, bajo ciertas condiciones, un usuario privilegiado autenticado, puede utilizar una cadena maliciosa en las opciones SNMP de un dispositivo, realizando inyección de comandos y obteniendo ejecución remota de código en el servidor subyacente. El fichero \"lib\/snmp.php\" tiene un conjunto de funciones, con un comportamiento similar, que aceptan en entrada algunas variables y las colocan en una llamada \"exec\" sin un escape o validación adecuados. Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-77" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/packetstormsecurity.com\/files\/175029\/Cacti-1.2.24-Command-Injection.html", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-g6ff-58cj-x3cp", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39364", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:08.910", - "lastModified": "2024-03-18T20:15:07.727", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref` as a URL parameter and reflects it in the form used to perform the change password. It's value is used to perform a redirect via `header` PHP function. A user can be tricked in performing the change password operation, e.g., via a phishing message, and then interacting with the malicious website where the redirection has been performed, e.g., downloading malwares, providing credentials, etc. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Cacti es un framework de gestión de fallas y monitoreo operativo de código abierto. En Cacti 1.2.24, los usuarios con acceso a la consola pueden ser redirigidos a un sitio web arbitrario después de realizar un cambio de contraseña a través de una URL específicamente manipulada. El archivo `auth_changepassword.php` acepta `ref` como parámetro de URL y lo refleja en el formulario utilizado para realizar el cambio de contraseña. Su valor se utiliza para realizar una redirección a través de la función PHP \"header\". Se puede engañar a un usuario para que realice la operación de cambio de contraseña, por ejemplo, mediante un mensaje de phishing, y luego interactúe con el sitio web malicioso donde se realizó la redirección, por ejemplo, descargando malware, proporcionando credenciales, etc. Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.5, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 2.1, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-601" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:*", - "matchCriteriaId": "F28D6ED7-B38C-4E5F-B623-73D0FF93C720" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-4pjv-rmrp-r59x", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39365", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:09.017", - "lastModified": "2024-03-18T20:15:07.827", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n" - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Los problemas con la validación de expresiones regulares de Cacti combinados con la función de enlaces externos pueden provocar inyecciones SQL limitadas y la consiguiente fuga de datos. Este problema se ha solucionado en la versión 1.2.25. Se recomienda a los usuarios que actualicen. No se conocen soluciones para esta vulnerabilidad. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.4 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 4.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.1, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-v5w7-hww7-2f22", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39516", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-05T22:15:09.180", - "lastModified": "2024-03-18T20:15:08.180", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_sources.php` displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. CENSUS found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the 'General Administration>Sites\/Devices\/Data' permissions can configure the data source path in Cacti. This configuration occurs through `http:\/\/\/cacti\/data_sources.php`. The same page can be used for previewing the data source path. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually escape HTML output.\n" - }, - { - "lang": "es", - "value": "Cacti es un framework de monitorización operativa y gestión de fallos de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que permite a un usuario autenticado envenenar a los datos almacenados en la base de datos de cacti. Estos datos serán visualizados por las cuentas administrativas de cacti y ejecutarán código JavaScript en el navegador de la víctima en tiempo de visualización. El script bajo `data_sources.php` muestra la información de gestión de la fuente de datos (por ejemplo, ruta de la fuente de datos, configuración de sondeo etc) para diferentes visualizaciones de datos de la aplicación _cacti_. CENSUS descubrió que un adversario que es capaz de configurar una ruta de fuente de datos maliciosa, puede implementar un ataque XSS almacenado contra cualquier usuario que tenga los mismos (o más amplios) privilegios. Un usuario que posea los permisos 'General Administration>Sites\/Devices\/Data', puede configurar la ruta de la fuente de datos en Cacti. Esta configuración ocurre a través de `http:\/\/\/cacti\/data_sources.php`. La misma página se puede utilizar para obtener una vista previa de la ruta de la fuente de datos. Este problema se solucionó en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben escapar manualmente de la salida HTML." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-r8qq-88g3-hmgv", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/03\/msg00018.html", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5550", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41507", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-05T22:15:09.337", - "lastModified": "2023-09-08T16:51:07.547", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters." - }, - { - "lang": "es", - "value": "Se descubrió que Super Store Finder v3.6 contiene múltiples vulnerabilidades de inyección SQL en el componente \"store locator\" a través de los parámetros \"products\", \"distance\", \"lat\" y \"lng\". " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:superstorefinder:super_store_finder:3.6:*:*:*:*:*:*:*", - "matchCriteriaId": "B3659EC9-95BF-4471-AA61-DEFB5B2E8D4F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/redblueteam\/CVE-2023-41507\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Release Notes", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/superstorefinder.net\/support\/forums\/topic\/super-store-finder-patch-notes\/", - "source": "cve@mitre.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4761", - "sourceIdentifier": "chrome-cve-admin@google.com", - "published": "2023-09-05T22:15:09.583", - "lastModified": "2024-01-31T17:15:16.553", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)" - }, - { - "lang": "es", - "value": "El acceso a memoria fuera de los límites en FedCM en Google Chrome anterior a 116.0.5845.179 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar una lectura de memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta)" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", - "versionEndExcluding": "116.0.5845.179", - "matchCriteriaId": "8DA933DC-9C49-43BA-B462-A3DBFF8387F2" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/chromereleases.googleblog.com\/2023\/09\/stable-channel-update-for-desktop.html", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/crbug.com\/1476403", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Permissions Required" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC\/", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT\/", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3\/", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202311-11", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202312-07", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202401-34", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5491", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4762", - "sourceIdentifier": "chrome-cve-admin@google.com", - "published": "2023-09-05T22:15:09.677", - "lastModified": "2024-06-10T16:13:42.487", - "vulnStatus": "Analyzed", - "cveTags": [], - "cisaExploitAdd": "2024-02-06", - "cisaActionDue": "2024-02-27", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability", - "descriptions": [ - { - "lang": "en", - "value": "Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)" - }, - { - "lang": "es", - "value": "Type Confusion en V8 en Google Chrome anterior a 116.0.5845.179 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta)" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-843" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", - "versionEndExcluding": "116.0.5845.179", - "matchCriteriaId": "8DA933DC-9C49-43BA-B462-A3DBFF8387F2" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", - "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", - "versionEndExcluding": "116.0.1938.76", - "matchCriteriaId": "3C80A8FC-1E9C-4133-9CF9-F2344DC21939" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/chromereleases.googleblog.com\/2023\/09\/stable-channel-update-for-desktop.html", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/crbug.com\/1473247", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Permissions Required" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC\/", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT\/", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3\/", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-4762", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202311-11", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202312-07", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202401-34", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5491", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4763", - "sourceIdentifier": "chrome-cve-admin@google.com", - "published": "2023-09-05T22:15:09.777", - "lastModified": "2024-01-31T17:15:16.743", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" - }, - { - "lang": "es", - "value": "El uso gratuito en redes en Google Chrome anterior a 116.0.5845.179 permitía a un atacante remoto explotar potencialmente la corrupción de la memoria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: Alta)" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", - "versionEndExcluding": "116.0.5845.179", - "matchCriteriaId": "8DA933DC-9C49-43BA-B462-A3DBFF8387F2" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/chromereleases.googleblog.com\/2023\/09\/stable-channel-update-for-desktop.html", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/crbug.com\/1469928", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Permissions Required" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC\/", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT\/", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3\/", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202311-11", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202312-07", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202401-34", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5491", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4764", - "sourceIdentifier": "chrome-cve-admin@google.com", - "published": "2023-09-05T22:15:09.883", - "lastModified": "2024-01-31T17:15:16.827", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)" - }, - { - "lang": "es", - "value": "La interfaz de usuario de seguridad incorrecta en BFCache en Google Chrome anterior a 116.0.5845.179 permitió a un atacante remoto falsificar el contenido del Omnibox (barra de URL) a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta)" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", - "versionEndExcluding": "116.0.5845.179", - "matchCriteriaId": "8DA933DC-9C49-43BA-B462-A3DBFF8387F2" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", - "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/chromereleases.googleblog.com\/2023\/09\/stable-channel-update-for-desktop.html", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/crbug.com\/1447237", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Permissions Required" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC\/", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT\/", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3\/", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202311-11", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202312-07", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202401-34", - "source": "chrome-cve-admin@google.com" - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5491", - "source": "chrome-cve-admin@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4487", - "sourceIdentifier": "ics-cert@hq.dhs.gov", - "published": "2023-09-05T23:15:08.177", - "lastModified": "2023-09-09T03:52:35.157", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nGE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.\n\n" - }, - { - "lang": "es", - "value": "GE CIMPLICITY 2023 contiene una vulnerabilidad de control de procesos, que podría permitir a un atacante local insertar archivos de configuración maliciosos en la ruta de ejecución esperada del servidor web para escalar privilegios y obtener el control total del software HMI. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "ics-cert@hq.dhs.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "ics-cert@hq.dhs.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-114" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ge:cimplicity:2023:-:*:*:*:*:*:*", - "matchCriteriaId": "37C6BB3C-2412-484D-9B4B-7E10E53EC092" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/digitalsupport.ge.com\/s\/article\/GE-Digital-CIMPLICITY-Privilege-Escalation-Vulnerability", - "source": "ics-cert@hq.dhs.gov", - "tags": [ - "Permissions Required" - ] - }, - { - "url": "https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-243-02", - "source": "ics-cert@hq.dhs.gov", - "tags": [ - "Third Party Advisory", - "US Government Resource" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4485", - "sourceIdentifier": "ics-cert@hq.dhs.gov", - "published": "2023-09-06T00:15:07.530", - "lastModified": "2023-11-07T04:22:39.683", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "ARDEREG ​Sistema SCADA Central versions 2.203 and prior\nlogin page are vulnerable to an unauthenticated blind SQL injection attack. An attacker could manipulate the application's SQL query logic to extract sensitive information or perform unauthorized actions within the database. In this case, the vulnerability could allow an attacker to execute arbitrary SQL queries through the login page, potentially leading to unauthorized access, data leakage, or even disruption of critical industrial processes.\n\n" - }, - { - "lang": "es", - "value": "ARDEREG ?Sistema SCADA Central versiones 2.203 y anteriores, la página de inicio de sesión son vulnerables a un ataque de inyección blind SQL no autenticada. Un atacante podría manipular la lógica de consulta SQL de la aplicación para extraer información confidencial o realizar acciones no autorizadas dentro de la base de datos. En este caso, la vulnerabilidad podría permitir a un atacante ejecutar consultas SQL arbitrarias a través de la página de inicio de sesión, lo que podría provocar acceso no autorizado, fuga de datos o incluso interrupción de procesos industriales críticos.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "ics-cert@hq.dhs.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - }, - { - "source": "ics-cert@hq.dhs.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ardereg:sistemas_scada:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.203", - "matchCriteriaId": "C51DD5B5-A3FA-482B-819F-100F193CEB96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-243-01", - "source": "ics-cert@hq.dhs.gov", - "tags": [ - "Third Party Advisory", - "US Government Resource" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-32920", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:07.873", - "lastModified": "2023-09-08T23:43:36.210", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information." - }, - { - "lang": "es", - "value": "El problema se solucionó con comprobaciones mejoradas. Este problema se ha solucionado en Xcode 14.0. El análisis de un archivo puede dar lugar a la divulgación de información del usuario. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", - "versionEndExcluding": "14.0", - "matchCriteriaId": "F3042710-8EF1-419A-A75F-DC52C3803369" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213883", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-27950", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.280", - "lastModified": "2023-09-08T15:48:43.720", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory." - }, - { - "lang": "es", - "value": "Se solucionó una lectura fuera de límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.3. El procesamiento de una imagen puede resultar en la divulgación de la memoria del proceso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28187", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.340", - "lastModified": "2023-09-08T15:51:19.097", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3. A user may be able to cause a denial-of-service." - }, - { - "lang": "es", - "value": "Este problema se solucionó con una gestión de estados mejorada. Este problema se ha solucionado en macOS Ventura 13.3. Un usuario puede provocar una denegación de servicio. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28188", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.393", - "lastModified": "2023-09-08T15:51:29.287", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service." - }, - { - "lang": "es", - "value": "Se solucionó un problema de denegación de servicio con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.3. Un usuario remoto puede provocar una denegación de servicio." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-400" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28195", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.447", - "lastModified": "2023-09-08T15:43:22.570", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de privacidad con la mejora de la redacción de datos privados para las entradas de registro. Este problema se ha solucionado en macOS Ventura 13.3. Es posible que una aplicación pueda leer información de una ubicación confidencial. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28208", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.497", - "lastModified": "2023-09-09T03:43:56.090", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM." - }, - { - "lang": "es", - "value": "Se abordó una cuestión lógica con una mejor gestión del estado. Este problema se solucionó en macOS Ventura 13.2, iOS 16.3 y iPadOS 16.3.Un usuario puede enviar un mensaje de texto desde una eSIM secundaria a pesar de configurar un contacto para usar una eSIM principal." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.3", - "matchCriteriaId": "638F1298-360D-47B5-B3CC-A83E92F967C9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.3", - "matchCriteriaId": "3710A47F-64BC-443A-8E80-F8116A01BD5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.2", - "matchCriteriaId": "9CEC72CB-1F5B-4BF5-80F0-357E27855D2A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213605", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213606", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28209", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.550", - "lastModified": "2023-09-09T03:44:12.380", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28210", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.600", - "lastModified": "2023-09-08T15:43:35.903", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28211", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.653", - "lastModified": "2023-09-08T15:43:43.790", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28212", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.703", - "lastModified": "2023-09-08T15:43:54.463", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28213", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.757", - "lastModified": "2023-09-08T15:44:03.280", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28214", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.807", - "lastModified": "2023-09-08T15:44:10.947", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-28215", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.857", - "lastModified": "2023-09-08T15:44:21.330", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-29166", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.910", - "lastModified": "2023-09-08T15:44:32.397", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A logic issue was addressed with improved state management. This issue is fixed in Pro Video Formats 2.2.5. A user may be able to elevate privileges." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema lógico con una gestión de estados mejorada. Este problema se ha solucionado en Pro Video Formats 2.2.5. Un usuario puede ser capaz de elevar privilegios. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:pro_video_formats:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.2.5", - "matchCriteriaId": "9B349DFB-B15D-45D6-A443-861C2E308F47" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213882", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32356", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:08.967", - "lastModified": "2023-09-08T15:52:10.390", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede provocar la finalización inesperada del sistema o escribir en la memoria del kernel." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32362", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.017", - "lastModified": "2023-09-08T15:51:50.657", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Error handling was changed to not reveal sensitive information. This issue is fixed in macOS Ventura 13.3. A website may be able to track sensitive user information." - }, - { - "lang": "es", - "value": "Se ha modificado la gestión de errores para no revelar información sensible. Este problema se ha solucionado en macOS Ventura 13.3. Un sitio web puede ser capaz de rastrear información sensible del usuario. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32370", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.070", - "lastModified": "2024-01-05T14:15:46.447", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail." - }, - { - "lang": "es", - "value": "Se abordó un problema de lógica con una comprobación mejorada. Este problema es corregido en macOS Ventura 13.3. La política de seguridad de contenido para bloquear dominios con wildcards podría fallar." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.40.1", - "matchCriteriaId": "A007F029-38D8-4D0D-8DF2-A2F6CB9ADE60" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.40.1", - "matchCriteriaId": "8C1E75F9-1855-4668-8E78-2A6F0F4FCBA1" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/11\/1", - "source": "product-security@apple.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202401-04", - "source": "product-security@apple.com" - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32379", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.120", - "lastModified": "2023-09-08T15:29:33.913", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de desbordamiento del búfer con una gestión mejorada de la memoria. Este problema se ha corregido en macOS Ventura 13.4. Una aplicación podría ejecutar código arbitrario con privilegios de kernel. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.4", - "matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32425", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.177", - "lastModified": "2023-09-09T03:44:20.687", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain elevated privileges." - }, - { - "lang": "es", - "value": "El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en iOS 16.5 y iPadOS 16.5, watchOS 9.5. Es posible que una aplicación pueda obtener privilegios elevados." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "6592C7B1-91F3-43B4-9F09-E52898897A00" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.5", - "matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32426", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.223", - "lastModified": "2023-09-09T03:44:31.770", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to gain root privileges." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema lógico con comprobaciones mejoradas. Este problema se ha solucionado en macOS Ventura 13.3. Una aplicación puede obtener privilegios de root. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.3", - "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213670", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32428", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.270", - "lastModified": "2023-09-09T03:44:52.570", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges." - }, - { - "lang": "es", - "value": "Este problema se solucionó con un mejor manejo de archivos. Este problema se ha solucionado en macOS Ventura 13.4, tvOS 16.5, iOS 16.5, iPadOS 16.5 y watchOS 9.5. Una aplicación puede obtener privilegios de root. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "6592C7B1-91F3-43B4-9F09-E52898897A00" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.4", - "matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.5", - "matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213761", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213761", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32432", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.327", - "lastModified": "2023-09-09T03:46:24.593", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to access user-sensitive data." - }, - { - "lang": "es", - "value": "Se solucionó un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucionó en macOS Ventura 13.4, tvOS 16.5, iOS 16.5 y iPadOS 16.5, watchOS 9.5. Es posible que una aplicación pueda acceder a datos confidenciales del usuario." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "6592C7B1-91F3-43B4-9F09-E52898897A00" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.4", - "matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.5", - "matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213761", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213761", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32438", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.383", - "lastModified": "2023-09-09T03:46:46.527", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences." - }, - { - "lang": "es", - "value": "Este problema ha sido abordado con comprobaciones mejoradas para evitar acciones no autorizadas. Este problema es corregido en tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 y iPadOS 16.3. Es posible que una aplicación pueda saltarse los ajustes de Privacidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.3", - "matchCriteriaId": "638F1298-360D-47B5-B3CC-A83E92F967C9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.3", - "matchCriteriaId": "3710A47F-64BC-443A-8E80-F8116A01BD5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.2", - "matchCriteriaId": "9CEC72CB-1F5B-4BF5-80F0-357E27855D2A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.3", - "matchCriteriaId": "870BF5F9-6408-4EB6-8821-1881E66B003B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213599", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213601", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213605", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213606", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34352", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T02:15:09.440", - "lastModified": "2023-09-09T03:47:04.510", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An attacker may be able to leak user account emails." - }, - { - "lang": "es", - "value": "Se ha solucionado un problema de permisos con la mejora de la redacción de información sensible. Este problema se ha solucionado en macOS Ventura 13.4, tvOS 16.5, iOS 16.5, iPadOS 16.5 y watchOS 9.5. Un atacante podría filtrar correos electrónicos de cuentas de usuario. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-276" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "6592C7B1-91F3-43B4-9F09-E52898897A00" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.4", - "matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.5", - "matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.5", - "matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213761", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213757", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213758", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213761", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213764", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4719", - "sourceIdentifier": "security@wordfence.com", - "published": "2023-09-06T02:15:09.500", - "lastModified": "2023-11-07T04:22:53.820", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `list_type` parameter in versions up to, and including, 4.3.5 due to insufficient input sanitization and output escaping. Using this vulnerability, unauthenticated attackers could inject arbitrary web scripts into pages that are being executed if they can successfully trick a user into taking an action, such as clicking a malicious link." - }, - { - "lang": "es", - "value": "El plugin Simple Membership para WordPress es vulnerable a Cross-Site Scripting (XSS) reflejado a través del parámetro \"list_type\" en versiones hasta, e incluyendo, la 4.3.5 debido a una insuficiente sanitización de entrada y escape de salida. Utilizando esta vulnerabilidad, los atacantes no autenticados podrían inyectar scripts web arbitrarios en las páginas que se están ejecutando si pueden engañar con éxito a un usuario para que realice una acción, como hacer clic en un enlace malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "4.3.6", - "matchCriteriaId": "CEA748C7-767E-47EA-A775-702A70311609" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/plugins.trac.wordpress.org\/changeset?sfp_email=&sfph_mail=&reponame=&old=2962730%40simple-membership&new=2962730%40simple-membership&sfp_email=&sfph_mail=", - "source": "security@wordfence.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/wordpress.org\/plugins\/simple-membership\/", - "source": "security@wordfence.com", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/e4b10172-7e54-4ff8-9fbb-41d160ce49e4?source=cve", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30706", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:11.063", - "lastModified": "2023-11-07T04:13:58.623", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege." - }, - { - "lang": "es", - "value": "Autorización incorrecta en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite al atacante leer archivos arbitrarios con privilegios del sistema." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30707", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:11.520", - "lastModified": "2023-11-07T04:13:58.830", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de validación de entrada inadecuada en \"FileProviderStatusReceiver\" en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite a los atacantes locales eliminar archivos arbitrarios con el privilegio de Samsung Keyboard. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.2 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30708", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:11.627", - "lastModified": "2023-11-07T04:13:59.020", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status." - }, - { - "lang": "es", - "value": "Una autenticación inadecuada en SecSettings anterior a SMR Sep-2023 Release 1 permite al atacante a acceder al portal cautivo Wi-Fi en el estado de bloqueo de reactivación." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:P\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "PHYSICAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 4.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30709", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:11.833", - "lastModified": "2023-11-07T04:13:59.193", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de control de acceso inadecuado en Dual Messenger anterior a SMR Sep-2023 Release 1 permite a los atacantes locales iniciar actividades con privilegios del sistema. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 7.9, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.5, - "impactScore": 4.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30710", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:12.220", - "lastModified": "2023-11-07T04:13:59.377", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities." - }, - { - "lang": "es", - "value": "Vulnerabilidad de validación de entrada incorrecta en Knox AI anterior a SMR Sep-2023 Release 1 permite a atacantes locales iniciar actividades privilegiadas." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:L\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 8.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.5, - "impactScore": 5.3 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30711", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:12.570", - "lastModified": "2023-11-07T04:13:59.557", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de autenticación incorrecta en Phone and Messaging Storage SMR SEP-2023 Release 1 permite a un atacante insertar datos arbitrarios en el proveedor. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30712", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:13.007", - "lastModified": "2023-11-07T04:13:59.747", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity." - }, - { - "lang": "es", - "value": "Validación de entrada incorrecta en Settings Suggestions anterior a SMR Sep-2023 Release 1 permite a los atacantes lanzar una actividad arbitraria." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 4.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30713", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:13.383", - "lastModified": "2023-11-07T04:13:59.943", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de gestión de privilegios inadecuada en FolderLockNotifier en One UI Home anterior a SMR Sep-2023 Release 1 permite a los atacantes locales cambiar algunos ajustes del bloqueo de carpetas. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30714", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:13.740", - "lastModified": "2023-11-07T04:14:00.133", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock." - }, - { - "lang": "es", - "value": "Vulnerabilidad de autorización incorrecta en FolderContainerDragDelegate en One UI Home anterior a SMR Sep-2023 Release 1 permite a atacantes físicos cambiar algunas configuraciones del bloqueo de carpetas." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:P\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "PHYSICAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 4.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:P\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "PHYSICAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 4.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30715", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:14.080", - "lastModified": "2023-11-07T04:14:00.307", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de control de acceso inadecuado en Weather anterior a SMR Sep-2023 Release 1 permite a los atacantes acceder a la información de ubicación establecida en Weather sin permiso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30716", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:14.283", - "lastModified": "2023-11-07T04:14:00.470", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de control de acceso inadecuado en SVCAgent anterior a SMR Sep-2023 Release 1 permite a los atacantes activar ciertos comandos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30717", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:14.467", - "lastModified": "2023-11-07T04:14:00.653", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de exposición de información sensible en SVCAgent anterior a SMR Sep-2023 Release 1 permite a los atacantes obtener identificadores no reseteables. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30718", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:14.640", - "lastModified": "2023-11-07T04:14:00.840", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting." - }, - { - "lang": "es", - "value": "La exportación incorrecta de la vulnerabilidad de componentes de aplicaciones de Android en WifiApAutoHotspotEnablingActivity anterior a SMR Sep-2023 Release 1 permite al atacante local cambiar una configuración de Auto Hotspot.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30719", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:14.860", - "lastModified": "2023-11-07T04:14:01.013", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de exposición de información sensible en InboundSmsHandler anterior a SMR Sep-2023 Release 1 permite a atacantes locales acceder a ciertos datos de mensajes. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30720", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:15.067", - "lastModified": "2023-11-07T04:14:01.200", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access." - }, - { - "lang": "es", - "value": "Un secuestro de PendingIntent en LmsAssemblyTrackerCTC anterior a SMR Sep-2023 Release 1 permite a un atacante local obtener acceso a archivos arbitrarios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.0, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30721", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:15.263", - "lastModified": "2023-11-07T04:14:01.373", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log." - }, - { - "lang": "es", - "value": "La vulnerabilidad de inserción de información sensible en el registro en Locksettings anterior a SMR Sep-2023 Release 1 permite a un atacante local con privilegios obtener información de coincidencia de pantalla de bloqueo del registro. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-532" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", - "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", - "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", - "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", - "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/securityUpdate.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30722", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:15.493", - "lastModified": "2023-11-07T04:14:01.540", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code." - }, - { - "lang": "es", - "value": "La falla del mecanismo de protección en bc_tui trustlet de Samsung Blockchain Keystore anterior a la version 1.3.13.5 permite a un atacante local ejecutar código arbitrario." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:blockchain_keystore:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.3.13.5", - "matchCriteriaId": "58D7527A-A43D-41CB-9519-70B03EB7F1EC" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30723", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:15.703", - "lastModified": "2023-11-07T04:14:01.710", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de validación de entrada inadecuada en Samsung Health anterior a la versión 6.24.2.011 permite a los atacantes escribir archivos arbitrarios con privilegios de Samsung Health. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:health:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.24.2.011", - "matchCriteriaId": "13960D1E-D252-4AB8-BAAD-09612C802BE7" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30724", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:15.987", - "lastModified": "2023-11-07T04:14:01.873", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows attacker to access search history." - }, - { - "lang": "es", - "value": "Una autenticación inadecuada en GallerySearchProvider de Gallery anterior a la versión 14.5.01.2 permite a los atacantes el acceso al historial de búsqueda." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:gallery:*:*:*:*:*:*:*:*", - "versionEndExcluding": "14.5.01.2", - "matchCriteriaId": "A2DEFCFF-2F45-4C02-8E39-F2553A9FF33C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30725", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:16.277", - "lastModified": "2023-11-07T04:14:02.040", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider." - }, - { - "lang": "es", - "value": "La autenticación incorrecta en LocalProvier of Gallery anterior a la versión 14.5.01.2 permite a un atacante acceder a los datos del proveedor de contenidos. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.5, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:gallery:*:*:*:*:*:*:*:*", - "versionEndExcluding": "14.5.01.2", - "matchCriteriaId": "A2DEFCFF-2F45-4C02-8E39-F2553A9FF33C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30726", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:16.470", - "lastModified": "2023-11-07T04:14:02.233", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data." - }, - { - "lang": "es", - "value": "La vulnerabilidad de secuestro PendingIntent en GameLauncher anterior a la versión 4.2.59.5 permite a atacantes locales acceder a los datos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.0, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:gamelauncher:*:*:*:*:*:*:*:*", - "versionEndExcluding": "4.2.59.5", - "matchCriteriaId": "B7FB2BC4-128A-4FBD-8B1E-CD9A240E1A3D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30728", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:16.673", - "lastModified": "2023-11-07T04:14:02.600", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local attacker to access arbitrary file. This vulnerability requires user interaction." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de redirección de intenciones en PackageInstallerCHN anterior a la versión 13.1.03.00 permite a un atacante local acceder a un archivo arbitrario. Esta vulnerabilidad requiere la interacción del usuario. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:L\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:packageinstallerchn:*:*:*:*:*:*:*:*", - "versionEndExcluding": "13.1.03.00", - "matchCriteriaId": "A551D1BD-BA1C-4D4E-94E7-5F9109D2B95B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30729", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:16.890", - "lastModified": "2023-11-07T04:14:02.773", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information." - }, - { - "lang": "es", - "value": "La validación inadecuada de certificados en Samsung Email antes de la versión 6.1.82.0 permite a un atacante remoto interceptar el tráfico de red, incluida información confidencial. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-295" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:email:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.1.82.0", - "matchCriteriaId": "748B4E5A-6445-469A-B6C2-247AC38AAD19" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30730", - "sourceIdentifier": "mobile.security@samsung.com", - "published": "2023-09-06T04:15:17.130", - "lastModified": "2023-11-07T04:14:02.930", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de secuestro de intención implícita en la aplicación Camera anterior a las versiones 11.0.16.43 en Android 11,12.1.00.30, 12.0.07.53, 12.1.03.10 en Android 12, y 13.0.01.43, 13.1.00.83 en Android 13 permite a un atacante local acceder a un archivo específico." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "mobile.security@samsung.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*", - "versionStartIncluding": "11.0.00.00", - "versionEndExcluding": "11.0.16.43", - "matchCriteriaId": "227E57F4-C888-4AA6-8865-5CE83D32C87A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*", - "matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*", - "versionStartIncluding": "12.0.00.00", - "versionEndExcluding": "12.0.07.53", - "matchCriteriaId": "638D6350-E394-4402-818C-95D38B7602D7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*", - "versionStartIncluding": "12.1.00.00", - "versionEndExcluding": "12.1.00.30", - "matchCriteriaId": "53B10221-F53C-4A7F-8B35-719091432AD8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*", - "versionStartIncluding": "12.1.03.00", - "versionEndExcluding": "12.1.03.10", - "matchCriteriaId": "67E18AC6-91F5-4AB5-A8E2-790126F8E420" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*", - "matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*", - "versionEndExcluding": "13.0.01.43", - "matchCriteriaId": "D58B02D8-9EF9-4FF1-B89C-6978B15C8DDC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:samsung:camera:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.1.00.00", - "versionEndExcluding": "13.1.00.83", - "matchCriteriaId": "22EAE84E-1584-4FA4-B0B0-917A87469AEB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*", - "matchCriteriaId": "08A26AC2-409E-499A-B0D5-8C2B5038947D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/security.samsungmobile.com\/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4773", - "sourceIdentifier": "security@wordfence.com", - "published": "2023-09-06T04:15:17.377", - "lastModified": "2023-11-07T04:22:57.903", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The WordPress Social Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wordpress_social_login_meta' shortcode in versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." - }, - { - "lang": "es", - "value": "El plugin WordPress Social Login para WordPress es vulnerable a Cross-Site Scripting (XSS) almacenado a través del shortcode \"wordpress_social_login_meta\" en versiones hasta, e incluyendo, la 3.0.4 debido a la insuficiente sanitización de entrada y escape de salida en los atributos suministrados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.1, - "impactScore": 2.7 - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.1, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wordpress_social_login_project:wordpress_social_login:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "3.0.4", - "matchCriteriaId": "20550142-980D-4DA9-B8FB-0521C4E1E07F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/plugins.trac.wordpress.org\/browser\/wordpress-social-login\/tags\/3.0.4\/includes\/widgets\/wsl.auth.widgets.php#L413", - "source": "security@wordfence.com", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/b987822d-2b1b-4f79-988b-4bd731864b63?source=cve", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32162", - "sourceIdentifier": "zdi-disclosures@trendmicro.com", - "published": "2023-09-06T05:15:42.243", - "lastModified": "2023-09-11T18:53:22.077", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the WacomInstallI.txt file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16318." - }, - { - "lang": "es", - "value": "Controladores Wacom para Windows Asignación de permisos incorrecta Vulnerabilidad de escalada de privilegios locales. Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de controladores Wacom para Windows. Un atacante primero debe obtener la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. La falla específica existe en el manejo del archivo WacomInstallI.txt por parte de la utilidad PrefUtil.exe. El problema se debe a permisos incorrectos en el archivo WacomInstallI.txt. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar código arbitrario en el contexto de SYSTEM. Era la vulnerabilidad ZDI-CAN-16318." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-732" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wacom:driver:6.3.45-1:*:*:*:*:*:*:*", - "matchCriteriaId": "26E56854-D72B-4447-9341-09B948EFAEBB" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-741", - "source": "zdi-disclosures@trendmicro.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32163", - "sourceIdentifier": "zdi-disclosures@trendmicro.com", - "published": "2023-09-06T05:15:42.347", - "lastModified": "2023-09-11T18:52:49.417", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Tablet Service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16857." - }, - { - "lang": "es", - "value": "Los controladores Wacom para Windows se vinculan tras una vulnerabilidad de escalada de privilegios locales. Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de controladores Wacom para Windows. Un atacante primero debe obtener la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. La falla específica existe dentro del Servicio de Tableta. Al crear un enlace simbólico, un atacante puede abusar del servicio para crear un archivo. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar código arbitrario en el contexto de SYSTEM. Era la vulnerabilidad ZDI-CAN-16857." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-59" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wacom:driver:6.3.45-1:*:*:*:*:*:*:*", - "matchCriteriaId": "26E56854-D72B-4447-9341-09B948EFAEBB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-742", - "source": "zdi-disclosures@trendmicro.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-35719", - "sourceIdentifier": "zdi-disclosures@trendmicro.com", - "published": "2023-09-06T05:15:42.437", - "lastModified": "2023-09-11T20:15:08.767", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Password Reset Portal used by the GINA client. The issue results from the lack of proper authentication of data received via HTTP. An attacker can leverage this vulnerability to bypass authentication and execute code in the context of SYSTEM. Was ZDI-CAN-17009." - }, - { - "lang": "es", - "value": "ManageEngine ADSelfService Plus GINA Client Verificación insuficiente de autenticidad de datos Vulnerabilidad de omisión de autenticación. Esta vulnerabilidad permite a atacantes físicamente presentes ejecutar código arbitrario en instalaciones afectadas de ManageEngine ADSelfService Plus. No se requiere autenticación para aprovechar esta vulnerabilidad. La falla específica existe en el Portal de restablecimiento de contraseña utilizado por el cliente GINA. El problema se debe a la falta de autenticación adecuada de los datos recibidos a través de HTTP. Un atacante puede aprovechar esta vulnerabilidad para eludir la autenticación y ejecutar código en el contexto de SYSTEM. Era ZDI-CAN-17009." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:P\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "PHYSICAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:P\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "PHYSICAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "zdi-disclosures@trendmicro.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-345" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6122:*:*:*:*:*:*", - "matchCriteriaId": "D3EFB734-E7F3-482E-9A64-DD1A0A6B1E5F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.manageengine.com\/products\/self-service-password\/kb\/our-response-to-CVE-2023-35719.html", - "source": "zdi-disclosures@trendmicro.com" - }, - { - "url": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-891", - "source": "zdi-disclosures@trendmicro.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3471", - "sourceIdentifier": "product-security@gg.jp.panasonic.com", - "published": "2023-09-06T05:15:42.520", - "lastModified": "2023-09-08T21:26:46.520", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Buffer overflow vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code." - }, - { - "lang": "es", - "value": "La vulnerabilidad de desbordamiento de búfer en las versiones 1.00 a 2.82 de Panasonic KW Watcher puede permitir a los atacantes ejecutar código arbitrario." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@gg.jp.panasonic.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:C\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.6, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - }, - { - "source": "product-security@gg.jp.panasonic.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-119" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:panasonic:kw_watcher:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.00", - "versionEndExcluding": "2.83", - "matchCriteriaId": "DCE4BEB8-8929-4EC1-BDF0-912A77FC59F3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www3.panasonic.biz\/ac\/e\/fasys\/software_info\/eco\/kwwatcher_versioninfo.jsp", - "source": "product-security@gg.jp.panasonic.com", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/www3.panasonic.biz\/ac\/j\/fasys\/software_info\/eco\/tol_kwwatcher.jsp", - "source": "product-security@gg.jp.panasonic.com", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3472", - "sourceIdentifier": "product-security@gg.jp.panasonic.com", - "published": "2023-09-06T05:15:42.613", - "lastModified": "2023-09-08T21:27:03.933", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Use after free vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Use After Free en Panasonic KW Watcher desde la versión 1.00 hasta la 2.82 puede permitir a los atacantes ejecutar código arbitrario. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "product-security@gg.jp.panasonic.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:C\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.6, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "product-security@gg.jp.panasonic.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:panasonic:kw_watcher:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.00", - "versionEndExcluding": "2.83", - "matchCriteriaId": "DCE4BEB8-8929-4EC1-BDF0-912A77FC59F3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www3.panasonic.biz\/ac\/e\/fasys\/software_info\/eco\/kwwatcher_versioninfo.jsp", - "source": "product-security@gg.jp.panasonic.com", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/www3.panasonic.biz\/ac\/j\/fasys\/software_info\/eco\/tol_kwwatcher.jsp", - "source": "product-security@gg.jp.panasonic.com", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4779", - "sourceIdentifier": "security@wordfence.com", - "published": "2023-09-06T07:15:09.690", - "lastModified": "2023-11-07T04:22:58.437", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [usp_gallery] shortcode in versions up to, and including, 20230811 due to insufficient input sanitization and output escaping on user supplied attributes like 'before'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." - }, - { - "lang": "es", - "value": "El plugin User Submitted Posts para WordPress es vulnerable a Cross-Site Scripting (XSS) almacenado a través del shortcode del plugin [usp_gallery] en versiones hasta, e incluyendo, la 20230811 debido a una insuficiente sanitización de entrada y escape de salida en atributos suministrados por el usuario como \"before\". Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.1, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:plugin-planet:user_submitted_posts:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "20230811", - "matchCriteriaId": "342FFEE3-BDD6-4090-A281-AF11460E1CA2" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/plugins.trac.wordpress.org\/changeset\/2961841", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/d21ca709-183f-4dd1-849c-f1b2a4f7ec43?source=cve", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-29441", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T08:15:43.077", - "lastModified": "2023-09-08T14:33:55.883", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <= 3.5.8.1 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el plugin Robert Heller WebLibrarian en versiones <= 3.5.8.1." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:deepsoft:weblibrarian:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "3.5.8.1", - "matchCriteriaId": "EBC82B54-448F-4492-AA2E-75511594B949" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/weblibrarian\/wordpress-weblibrarian-plugin-3-5-8-1-multiple-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4705", - "sourceIdentifier": "secalert@redhat.com", - "published": "2023-09-06T08:15:44.380", - "lastModified": "2023-11-07T04:22:51.320", - "vulnStatus": "Rejected", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Rejected reason: CVE-2023-4705 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team." - } - ], - "metrics": {}, - "references": [] - } - }, - { - "cve": { - "id": "CVE-2023-30497", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:07.707", - "lastModified": "2023-09-08T21:27:14.507", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Simon Chuang WP LINE Notify plugin <= 1.4.4 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) reflejado y no autenticado en el plugin de Simon Chuang WP LINE Notify en versiones anteriores, e incluyendo, la 1.4.4." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:simonchuang:wp_line_notify:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.4.4", - "matchCriteriaId": "8B390D6B-0A50-46A8-B83F-EA69E8AE58C1" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/wp-line-notify\/wordpress-wordpress-line-notify-plugin-1-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40007", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.137", - "lastModified": "2023-09-08T21:27:24.257", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ujwol Bastakoti CT Commerce plugin <= 2.0.1 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Ujwol Bastakoti CT Commerce en versiones <= 2.0.1." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ujwolbastakoti:ct_commerce:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.0.1", - "matchCriteriaId": "F36053B7-6BF0-4C1C-8388-55642374C626" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/ct-commerce\/wordpress-ct-commerce-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40328", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.243", - "lastModified": "2023-09-08T21:27:34.837", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Carrrot plugin <= 1.1.0 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) almacenado y autenticado (con permisos de administrador o superior) en el plugin Carrrot en versiones anteriores, e incluyendo, la 1.1.0." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:carrrot:carrrot:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.1.0", - "matchCriteriaId": "7ED449D1-FD47-4A29-BF3D-531E49D2FFAF" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/carrrot\/wordpress-carrot-plugin-1-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40329", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.330", - "lastModified": "2023-09-08T21:27:48.020", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPZest Custom Admin Login Page | WPZest plugin <= 1.2.0 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento WPZest Custom Admin Login Page | WPZest en versiones <= 1.2.0." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wpzest:custom_admin_login_page_\\|_wpzest_plugin:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.2.0", - "matchCriteriaId": "81638A09-8E22-4BB1-B009-DE7A9D19C164" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/custom-admin-login-styler-wpzest\/wordpress-custom-admin-login-page-wpzest-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40552", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.413", - "lastModified": "2023-09-08T21:27:56.877", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gurcharan Singh Fitness calculators plugin plugin <= 2.0.7 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Almacenado y autenticado (con permisos de administrador o superior) en el plugin Gurcharan Singh Fitness calculators en versiones anteriores, e incluyendo, la 2.0.7. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:codeinitiator:fitness_calculators_plugin:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.0.7", - "matchCriteriaId": "5FBDCBFD-E0D1-4DCA-AE76-BAC18343728F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/fitness-calculators\/wordpress-fitness-calculators-plugin-plugin-2-0-7-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40553", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.507", - "lastModified": "2023-09-08T21:22:31.697", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Plausible.Io Plausible Analytics plugin <= 1.3.3 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Plausible.Io Plausible Analytics en versiones <= 1.3.3." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.6, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:plausible:plausible_analytics:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "1.3.3", - "matchCriteriaId": "0F1B5F6F-26F5-44D4-8F39-76A1AB5B38DB" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/plausible-analytics\/wordpress-plausible-analytics-plugin-1-3-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40554", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.587", - "lastModified": "2023-09-08T21:22:23.213", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin <= 7.2.0 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada no autenticada en el plugin Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler en versiones anteriores, e incluyendo, la 7.2.0." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "7.2.0", - "matchCriteriaId": "4C1E0250-2C9F-4941-A20E-74C0A96702C1" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/blog2social\/wordpress-blog2social-plugin-7-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40560", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.670", - "lastModified": "2023-09-08T21:22:09.650", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Greg Ross Schedule Posts Calendar versiones <= 5.2." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:toolstack:schedule_posts_calendar:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "5.2", - "matchCriteriaId": "D81E8F17-10B2-4BA3-9741-15FD00E4EA5E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/schedule-posts-calendar\/wordpress-schedule-posts-calendar-plugin-5-2-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40601", - "sourceIdentifier": "audit@patchstack.com", - "published": "2023-09-06T09:15:08.753", - "lastModified": "2023-09-08T21:21:57.833", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik Estatik Mortgage Calculator plugin <= 2.0.7 versions." - }, - { - "lang": "es", - "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada no autenticada en el plugin Estatik Mortgage Calculator en versiones anteriores, e incluyendo, la 2.0.7." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "audit@patchstack.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "audit@patchstack.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:estatik:estatik_mortgage_calculator:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.0.7", - "matchCriteriaId": "E3D4815A-99F2-4590-B222-B7222D0BC7A6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/patchstack.com\/database\/vulnerability\/estatik-mortgage-calculator\/wordpress-mortgage-calculator-estatik-plugin-2-0-7-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4634", - "sourceIdentifier": "security@wordfence.com", - "published": "2023-09-06T09:15:08.873", - "lastModified": "2023-11-07T04:22:48.157", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the ~\/includes\/mla-stream-image.php file, where images are processed via Imagick(). This makes it possible for unauthenticated attackers to supply files via FTP that will make directory lists, local file inclusion, and remote code execution possible." - }, - { - "lang": "es", - "value": "El complemento Media Library Assistant para WordPress es vulnerable a la inclusión de archivos locales y la ejecución remota de código en versiones hasta la 3.09 incluida. Esto se debe a controles insuficientes en las rutas de archivo que se suministran al parámetro 'mla_stream_file' desde el archivo ~\/includes\/mla-stream-image.php, donde las imágenes se procesan a través de Imagick(). Esto hace posible que atacantes no autenticados proporcionen archivos a través de FTP que harán posible las listas de directorios, la inclusión de archivos locales y la ejecución remota de código.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:davidlingren:media_library_assistant:*:*:*:*:*:wordpress:*:*", - "versionEndExcluding": "3.10", - "matchCriteriaId": "5C1D11EB-8D81-458F-972A-2143B2D66FB7" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Patrowl\/CVE-2023-4634\/", - "source": "security@wordfence.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/packetstormsecurity.com\/files\/174508\/wpmla309-lfiexec.tgz", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https:\/\/patrowl.io\/blog-wordpress-media-library-rce-cve-2023-4634\/", - "source": "security@wordfence.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/plugins.trac.wordpress.org\/changeset?sfp_email=&sfph_mail=&reponame=&old=2955933%40media-library-assistant&new=2955933%40media-library-assistant&sfp_email=&sfph_mail=#file4", - "source": "security@wordfence.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/05c68377-feb6-442d-a3a0-1fbc246c7cbf?source=cve", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-31188", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:13.183", - "lastModified": "2023-09-11T13:33:19.063", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products\/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616'." - }, - { - "lang": "es", - "value": "Múltiples productos TP-LINK permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Los productos\/versiones afectados son los siguientes: versiones de firmware de Archer C50 anteriores a 'Archer C50(JP)_V3_230505', versiones de firmware de Archer C55 anteriores a 'Archer C55(JP)_V1_230506' y versiones de firmware de Archer C20 anteriores a 'Archer C20(JP) )_V1_230616'.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.1, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1DE7FC0D-0A09-42F6-BA31-597D38208F61" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c55_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230506", - "matchCriteriaId": "4AF28B84-B90E-47B6-B2E8-F78CC909EEC0" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c50_v3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01EE9C6D-D758-4015-B197-545269BF2283" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c50_v3_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230505", - "matchCriteriaId": "7B4081EE-A5EE-41E0-BA3F-39F1BE7799AC" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c20\/v1\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c50\/v3\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c55\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32619", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:13.650", - "lastModified": "2023-09-11T13:35:49.373", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command." - }, - { - "lang": "es", - "value": "Las versiones de firmware de Archer C50 anteriores a 'Archer C50(JP)_V3_230505' y las versiones de firmware de Archer C55 anteriores a 'Archer C55(JP)_V1_230506' utilizan credenciales codificadas para iniciar sesión en el dispositivo afectado, lo que puede permitir que un atacante no autenticado adyacente a la red para ejecutar un comando arbitrario del sistema operativo.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-798" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c55_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230506", - "matchCriteriaId": "4AF28B84-B90E-47B6-B2E8-F78CC909EEC0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1DE7FC0D-0A09-42F6-BA31-597D38208F61" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c50_v3_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230505", - "matchCriteriaId": "7B4081EE-A5EE-41E0-BA3F-39F1BE7799AC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c50_v3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "01EE9C6D-D758-4015-B197-545269BF2283" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c50\/v3\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c55\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36489", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:13.710", - "lastModified": "2023-09-11T13:36:35.507", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products\/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'." - }, - { - "lang": "es", - "value": "Múltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Los productos\/versiones afectados son los siguientes: versiones de firmware del TL-WR802N anteriores a 'TL-WR802N(JP)_V4_221008', versiones de firmware del TL-WR841N anteriores a 'TL-WR841N(JP)_V14_230506' y versiones de firmware del TL-WR902AC anteriores a 'TL-WR902AC(JP)_V3_230506'.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:tl-wr902ac:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5541D281-8231-4724-BF9B-4E0FF61215A0" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:tl-wr902ac_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230506", - "matchCriteriaId": "3376E9AB-5749-4129-BF47-B9378E073B5A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:tl-wr802n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2E1B4F55-1FCF-4557-A051-2EBC1414DD00" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:tl-wr802n_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "221008", - "matchCriteriaId": "EC40A74F-6DCC-4DEB-A38F-D293BE80303F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230506", - "matchCriteriaId": "93ED2916-46C6-43BE-A163-4AC82874869A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/tl-wr802n\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/tl-wr841n\/v14\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/tl-wr902ac\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37284", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:13.770", - "lastModified": "2023-09-11T13:39:06.927", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de autenticación incorrecta en las versiones de firmware de Archer C20 anteriores a 'Archer C20(JP)_V1_230616' permite a un atacante no autenticado adyacente a la red ejecutar un comando arbitrario del sistema operativo a través de una solicitud manipulada para evitar la autenticación." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c20_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230616", - "matchCriteriaId": "8ACB29AC-C8FF-44C0-AB62-3F7B62F2EAC7" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c20:1:*:*:*:*:*:*:*", - "matchCriteriaId": "9D159009-CF48-4631-9139-5AB553B58018" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c20\/v1\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38563", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:14.030", - "lastModified": "2023-09-11T13:39:23.730", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands." - }, - { - "lang": "es", - "value": "Las versiones de firmware de Archer C1200 anteriores a 'Archer C1200(JP)_V2_230508' y las versiones de firmware de Archer C9 anteriores a 'Archer C9(JP)_V3_230508' permiten que un atacante no autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c1200_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230508", - "matchCriteriaId": "C389ECDD-7BF0-4BF6-94AB-09BC0E1A8BEF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c1200:2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "A981E118-B897-4B68-A1FB-379C803FD5DC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c9_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230508", - "matchCriteriaId": "ED0E2942-F39F-4A96-8FC0-A14225B58FA5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c9:2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "18F528AA-045C-4111-BFD7-0597CC758E52" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c1200\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c9\/v3\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38568", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:14.273", - "lastModified": "2023-09-11T13:39:55.610", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504' allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands." - }, - { - "lang": "es", - "value": "Las versiones de firmware de Archer A10 anteriores a 'Archer A10(JP)_V2_230504' permiten que un atacante no autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_a10_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230504", - "matchCriteriaId": "B5612D48-5BAD-440D-B684-172A6BF981FF" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_a10:2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "9D8B95AD-ED3B-4050-A1E9-D5F7A657D5CB" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-a10\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38588", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:14.490", - "lastModified": "2023-09-11T13:40:16.047", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands." - }, - { - "lang": "es", - "value": "Las versiones de firmware de Archer C3150 anteriores a 'Archer C3150(JP)_V2_230511' permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.1, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c3150_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230511", - "matchCriteriaId": "9DF6A4B7-C5FC-4107-BFC3-BA6AB03AED15" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c3150:2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "824535E7-66E1-4776-BA64-D95A128512C4" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c3150\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39224", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:14.587", - "lastModified": "2023-09-11T13:40:42.273", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided." - }, - { - "lang": "es", - "value": "Todas las versiones del firmware Archer C5 y las versiones del firmware Archer C7 anteriores a 'Archer C7(JP)_V2_230602' permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Tenga en cuenta que Archer C5 ya no está soportado, por lo tanto, no se proporciona la actualización para este producto.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.1, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c7:2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "27AE1E18-D939-4DB3-984A-85CB4962861C" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c7_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230602", - "matchCriteriaId": "8F37BD5C-4B5B-4DB2-81DB-249D53A3CD43" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c7\/v2\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39935", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:14.643", - "lastModified": "2023-09-11T13:41:11.193", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Archer C5400 firmware versions prior to 'Archer C5400(JP)_V2_230506' allows a network-adjacent authenticated attacker to execute arbitrary OS commands." - }, - { - "lang": "es", - "value": "Las versiones de firmware de Archer C5400 anteriores a 'Archer C5400(JP)_V2_230506' permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.1, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_c5400:-:*:*:*:*:*:*:*", - "matchCriteriaId": "21A6A32C-1B83-4B4B-BEFD-9B785D7FCD52" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_c5400_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230506", - "matchCriteriaId": "8FFB9EE1-3A2F-4CC1-A0D3-0F713D352B4A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-c5400\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40193", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:14.697", - "lastModified": "2023-09-11T13:41:36.760", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands." - }, - { - "lang": "es", - "value": "Las versiones de firmware Deco M4 anteriores a 'Deco M4(JP)_V2_1.5.8 Build 20230619' permiten a un atacante autenticado adyacente a la red ejecutar comandos arbitrarios del sistema operativo.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.1, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:deco_m4_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.5.8", - "matchCriteriaId": "1C911A31-E31C-424A-8CAC-87CB7277BCB3" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:deco_m4:2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B0E129FC-090F-422D-89CB-AE537FEDA708" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/deco-m4\/v2\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40357", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:14.820", - "lastModified": "2023-09-11T13:42:13.197", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products\/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior to 'Archer AX11000(JP)_V1_230523'." - }, - { - "lang": "es", - "value": "Múltiples productos TP-LINK permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Los productos\/versiones afectados son los siguientes: Versiones de firmware de Archer AX50 anteriores a 'Archer AX50(JP)_V1_230529', Versiones de firmware de Archer A10 anteriores a 'Archer A10(JP)_V2_230504', Versiones de firmware de Archer AX10 anteriores a 'Archer AX10(JP) _V1.2_230508' y versiones de firmware de Archer AX11000 anteriores a 'Archer AX11000(JP)_V1_230523'.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.1, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_ax50:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "CAFA093D-FBF5-4B8D-87FD-DA09B0EEF9C8" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_ax50_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230529", - "matchCriteriaId": "6FED5A58-CE05-4048-AD76-985B28F1E059" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_a10:-:*:*:*:*:*:*:*", - "matchCriteriaId": "617EFAC4-CAB1-41FB-BC30-29ED4A84D74A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_a10_firmware:*:*:*:*:*:*:*:*", - "versionEndIncluding": "230504", - "matchCriteriaId": "DC497214-6875-43D7-A8FB-9E6B2D307DE9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_ax10:-:*:*:*:*:*:*:*", - "matchCriteriaId": "307B80ED-EEBB-4378-ADA3-B9E821AA3B36" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_ax10_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230508", - "matchCriteriaId": "3DC73D06-13CF-47C5-81C4-37C8348CED43" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_ax11000:-:*:*:*:*:*:*:*", - "matchCriteriaId": "75171CD1-0D58-472F-AA60-A990FCA157DA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_ax11000_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "230523", - "matchCriteriaId": "A5D83433-6BAB-42DB-A0DB-F4C95F7E7BDE" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-a10\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-ax10\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-ax11000\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-ax50\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40531", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T10:15:15.097", - "lastModified": "2023-09-11T13:42:39.903", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Archer AX6000 firmware versions prior to 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' allows a network-adjacent authenticated attacker to execute arbitrary OS commands." - }, - { - "lang": "es", - "value": "Las versiones de firmware de Archer AX6000 anteriores a 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' permiten a un atacante autenticado adyacente a la red ejecutar comandos arbitrarios del sistema operativo.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.1, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tp-link:archer_ax6000:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "800AD82D-B7F1-4497-A072-A9ACC1A4775E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tp-link:archer_ax6000_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.3.0", - "matchCriteriaId": "6E490D46-4F1A-4BCF-8519-68FE647BBC1B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/vu\/JVNVU99392903\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.tp-link.com\/jp\/support\/download\/archer-ax6000\/v1\/#Firmware", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4588", - "sourceIdentifier": "cve-coordination@incibe.es", - "published": "2023-09-06T12:15:07.827", - "lastModified": "2023-09-11T13:44:02.943", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application's webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config\/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text." - }, - { - "lang": "es", - "value": "Vulnerabilidad de accesibilidad a archivos en Delinea Secret Server, en sus versiones v10.9.000002 y v11.4.000002. La explotación de esta vulnerabilidad podría permitir a un usuario autenticado con privilegios administrativos crear un archivo de copia de seguridad en el directorio raíz web de la aplicación, cambiando el directorio de copia de seguridad predeterminado a la carpeta wwwroot y descargarlo con algunos archivos de configuración como encryption.config\/ y database.config almacenado en el directorio wwwroot, exponiendo las credenciales de la base de datos en texto plano.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:C\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 4.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-552" - } - ] - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-552" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:delinea:secret_server:10.9.000002:*:*:*:*:*:*:*", - "matchCriteriaId": "0549C65A-06F9-41D4-BF9C-D303A8BC578C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:delinea:secret_server:11.4.000002:*:*:*:*:*:*:*", - "matchCriteriaId": "26B9E59F-98C5-4AAE-B0BD-418B8D7EC723" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.incibe.es\/en\/incibe-cert\/notices\/aviso\/multiple-vulnerabilities-delinea-secret-server", - "source": "cve-coordination@incibe.es", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4589", - "sourceIdentifier": "cve-coordination@incibe.es", - "published": "2023-09-06T12:15:07.967", - "lastModified": "2023-09-11T13:44:47.663", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update." - }, - { - "lang": "es", - "value": "Vulnerabilidad de verificación insuficiente de autenticidad de datos en Delinea Secret Server, en su versión v10.9.000002. Un atacante con una cuenta de administrador podría realizar actualizaciones de software sin los mecanismos adecuados de verificación de integridad. En este escenario, el proceso de actualización carece de firmas digitales y no logra validar la integridad del paquete de actualización, lo que permite al atacante inyectar aplicaciones maliciosas durante la actualización.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 2.3, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-345" - } - ] - }, - { - "source": "cve-coordination@incibe.es", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-345" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:delinea:secret_server:10.9.000002:*:*:*:*:*:*:*", - "matchCriteriaId": "0549C65A-06F9-41D4-BF9C-D303A8BC578C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.incibe.es\/en\/incibe-cert\/notices\/aviso\/multiple-vulnerabilities-delinea-secret-server", - "source": "cve-coordination@incibe.es", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-27523", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T13:15:08.017", - "lastModified": "2023-09-11T13:46:08.797", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper data authorization check on Jinja templated queries in Apache Superset up to and including 2.1.0 allows for an authenticated user to issue queries on database tables they may not have access to.\n\n" - }, - { - "lang": "es", - "value": "La verificación incorrecta de la autorización de datos en las consultas con la plantilla de Jinja en Apache Superset hasta la versión 2.1.0 incluida permite que un usuario autenticado emita consultas en tablas de bases de datos a las que quizás no tenga acceso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.1, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "security@apache.org", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lists.apache.org\/thread\/3y97nmwm956b6zg3l8dh9oj0w7dj945h", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-27526", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T13:15:08.300", - "lastModified": "2023-09-11T13:46:43.207", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0. \n" - }, - { - "lang": "es", - "value": "Un usuario no autenticado como administrador podría crear recursos incorrectamente utilizando la función de importación de gráficos, en Apache Superset hasta la versión 2.1.0 incluida.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - }, - { - "source": "security@apache.org", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lists.apache.org\/thread\/ndww89yl2jd98lvn23n9cj722lfdg8dv", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36387", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T13:15:08.537", - "lastModified": "2023-10-19T18:47:21.623", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.\n" - }, - { - "lang": "es", - "value": "Un permiso de API REST predeterminado incorrecto para los usuarios de Gamma en Apache Superset hasta la versión 2.1.0 incluida permite que un usuario de Gamma autenticado pruebe las conexiones de la base de datos.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.5 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - }, - { - "source": "security@apache.org", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/apache\/superset\/pull\/24185", - "source": "security@apache.org", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/lists.apache.org\/thread\/tt6s6hm8nv6s11z8bfsk3r3d9ov0ogw3", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36388", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T13:15:08.747", - "lastModified": "2023-09-11T14:15:13.023", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF.\n\n" - }, - { - "lang": "es", - "value": "El permiso incorrecto de la API REST en Apache Superset hasta la versión 2.1.0 incluida permite que los usuarios de Gamma autenticados prueben las conexiones de red, dando lugar a un posible Server-Side Request Forgery (SSRF).\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.5 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-918" - } - ] - }, - { - "source": "security@apache.org", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-918" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lists.apache.org\/thread\/ccmjjz4jp17yc2kcd18qshmdtf7qorfs", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39264", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T13:15:08.927", - "lastModified": "2023-09-11T14:28:53.417", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0." - }, - { - "lang": "es", - "value": "De forma predeterminada, se habilitaron los traces de memoria para errores, lo que resultó en la exposición de los seguimientos internos en los endpoints de la API REST para los usuarios. Esta vulnerabilidad existe en las versiones de Apache Superset hasta la versión 2.1.0 incluida. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "security@apache.org", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-209" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lists.apache.org\/thread\/y65t1of7hb445n86o1vdzjct7rfwlx75", - "source": "security@apache.org", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41149", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T13:15:09.117", - "lastModified": "2023-09-08T21:21:47.880", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running." - }, - { - "lang": "es", - "value": "F-RevoCRM versión 7.3.7 y versión 7.3.8 contiene una vulnerabilidad de inyección de comandos del sistema operativo. Si se aprovecha esta vulnerabilidad, un atacante que pueda acceder al producto puede ejecutar un comando del sistema operativo arbitrario en el servidor donde se ejecuta el producto." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:f-revocrm:f-revocrm:7.3.7:*:*:*:*:*:*:*", - "matchCriteriaId": "474DBB2C-1655-4EFE-AECD-A98C6A6E246B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:f-revocrm:f-revocrm:7.3.8:*:*:*:*:*:*:*", - "matchCriteriaId": "8C1BF5CB-4DAB-4CB3-879E-05FF74092E4B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/jvn.jp\/en\/jp\/JVN78113802\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/f-revocrm.jp\/2023\/08\/9394\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41150", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-06T13:15:09.247", - "lastModified": "2023-09-08T21:21:37.803", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product." - }, - { - "lang": "es", - "value": " F-RevoCRM 7.3 series anterior a la version 7.3.8 contiene una vulnerabilidad Cross-Site Scripting. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que utiliza el producto." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:f-revocrm:f-revocrm:*:*:*:*:*:*:*:*", - "versionStartIncluding": "7.3", - "versionEndIncluding": "7.3.8", - "matchCriteriaId": "C5A4D4BF-81CC-4A05-9BCB-B5365ECEA396" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/jvn.jp\/en\/jp\/JVN78113802\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/f-revocrm.jp\/2023\/08\/9394\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41930", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:09.377", - "lastModified": "2023-09-11T19:23:34.093", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict the 'name' query parameter when rendering a history entry, allowing attackers to have Jenkins render a manipulated configuration history that was not created by the plugin." - }, - { - "lang": "es", - "value": "El complemento Jenkins Job Configuration History 1227.v7a_79fc4dc01f y versiones anteriores no restringe el parámetro de consulta 'name' al renderizar una entrada de historial, lo que permite a los atacantes hacer que Jenkins renderice un historial de configuración manipulado que no fue creado por el complemento." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:job_configuration_history:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1227.v7a_79fc4dc01f", - "matchCriteriaId": "DCA428E1-B407-4F61-AB8B-B24D902C4A8D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3233", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41931", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:09.577", - "lastModified": "2023-09-11T19:55:42.340", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not property sanitize or escape the timestamp value from history entries when rendering a history entry on the history view, resulting in a stored cross-site scripting (XSS) vulnerability." - }, - { - "lang": "es", - "value": "El complemento Jenkins Job Configuration History 1227.v7a_79fc4dc01f y versiones anteriores no sanitizan ni escapan el valor timestamp de las entradas de historial al representar una entrada de historial en la vista de historial, lo que da como resultado una vulnerabilidad de Cross-Site Scripting (XSS) almacenada." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:job_configuration_history:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1227.v7a_79fc4dc01f", - "matchCriteriaId": "DCA428E1-B407-4F61-AB8B-B24D902C4A8D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3233", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41932", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:09.770", - "lastModified": "2023-09-11T20:07:12.583", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'." - }, - { - "lang": "es", - "value": "El complemento Jenkins Job Configuration History 1227.v7a_79fc4dc01f y versiones anteriores no restringen los parámetros de consulta de 'timestamp' en múltiples endpoints, lo que permite a los atacantes eliminar directorios especificados por el atacante en el sistema de archivos del controlador Jenkins siempre que contengan un archivo llamado 'history.xml'." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-611" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:job_configuration_history:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1227.v7a_79fc4dc01f", - "matchCriteriaId": "DCA428E1-B407-4F61-AB8B-B24D902C4A8D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3235", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41933", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:10.000", - "lastModified": "2023-09-11T20:33:28.030", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks." - }, - { - "lang": "es", - "value": "El complemento Jenkins Job Configuration History 1227.v7a_79fc4dc01f y versiones anteriores no configuran su analizador XML para evitar ataques de entidad externa XML (XXE)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-611" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:job_configuration_history:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1229.v3039470161a_d", - "matchCriteriaId": "6D443D65-29A1-4D36-BD9D-61E22A570497" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3235", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41934", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:10.073", - "lastModified": "2023-09-12T13:24:46.640", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Pipeline Maven Integration Plugin 1330.v18e473854496 and earlier does not properly mask (i.e., replace with asterisks) usernames of credentials specified in custom Maven settings in Pipeline build logs if \"Treat username as secret\" is checked." - }, - { - "lang": "es", - "value": "El complemento Jenkins Pipeline Maven Integration 1330.v18e473854496 y versiones anteriores no enmascaran correctamente (es decir, reemplazan con asteriscos) los nombres de usuario de las credenciales especificadas en la configuración personalizada de Maven en los registros de build del Pipeline si está marcada la opción \"Tratar nombre de usuario como secreto\"." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:pipeline_maven_integration:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1330.v18e473854496", - "matchCriteriaId": "5D2C7155-4B9D-48B9-9A25-C7DDB62A446B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3257", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41935", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:10.297", - "lastModified": "2023-09-11T17:54:37.170", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b_1154b_3fb_, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid nonce." - }, - { - "lang": "es", - "value": "El complemento Jenkins Azure AD 396.v86ce29279947 y versiones anteriores, excepto 378.380.v545b_1154b_3fb_, usa una función de comparación de tiempo no constante al comprobar si el nonce de protección CSRF proporcionado y esperado es igual, lo que podría permitir a los atacantes usar métodos estadísticos para obtener un nonce válido." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-697" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:azure_ad:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "348.vefd011eea_20b", - "matchCriteriaId": "1DB49479-D1D1-4DED-918B-E73292121907" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:azure_ad:*:*:*:*:*:jenkins:*:*", - "versionStartIncluding": "378.vd6e2874a_69eb", - "versionEndIncluding": "396.v86ce29279947", - "matchCriteriaId": "77E0A6BF-D2E6-4FE7-9BD5-E702FDBCB161" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3227", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41936", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:10.367", - "lastModified": "2023-09-11T17:53:27.380", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Google Login Plugin 1.7 and earlier uses a non-constant time comparison function when checking whether the provided and expected token are equal, potentially allowing attackers to use statistical methods to obtain a valid token." - }, - { - "lang": "es", - "value": "El complemento Jenkins Google Login 1.7 y versiones anteriores utilizan una función de comparación de tiempo no constante al verificar si el token proporcionado y esperado son iguales, lo que potencialmente permite a los atacantes utilizar métodos estadísticos para obtener un token válido." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-697" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:google_login:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1.7", - "matchCriteriaId": "C5A3BAD5-C8AA-40C5-9DE5-E72F8A7B7805" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3228", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41937", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:10.593", - "lastModified": "2023-09-11T17:53:01.077", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 (both inclusive) trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by sending a crafted webhook payload." - }, - { - "lang": "es", - "value": "El complemento Jenkins Bitbucket Push and Pull Request versiones 2.4.0 a 2.8.3 (ambas incluidas) confía en los valores proporcionados en el payload del webhook, incluidas ciertas URL, y utiliza credenciales de Bitbucket configuradas para conectarse a esas URL, lo que permite a los atacantes capturar las credenciales de Bitbucket almacenadas en Jenkins enviando un payload de webhook manipulado." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-918" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:bitbucket_push_and_pull_request:*:*:*:*:*:jenkins:*:*", - "versionStartIncluding": "2.4.0", - "versionEndIncluding": "2.8.3", - "matchCriteriaId": "DE104E22-F40A-46A6-8478-7D05B93AEA9F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3165", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41938", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:10.660", - "lastModified": "2023-09-11T17:52:09.947", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Ivy Plugin 2.5 and earlier allows attackers to delete disabled modules." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Jenkins Ivy 2.5 y versiones anteriores permite a los atacantes eliminar módulos deshabilitados." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:ivy:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "2.5", - "matchCriteriaId": "97D30617-B933-4B75-9F78-EE9EAEE1EE79" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3093", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41939", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:10.867", - "lastModified": "2023-09-11T17:51:37.613", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall\/Manage) to access functionality they're no longer entitled to." - }, - { - "lang": "es", - "value": "El complemento Jenkins SSH2 Easy 1.4 y versiones anteriores no verifican que los permisos configurados para ser otorgados estén habilitados, lo que potencialmente permite a los usuarios que anteriormente se les otorgaban (generalmente permisos opcionales, como Overall\/Manage) acceder a la funcionalidad a la que ya no tienen derecho." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-281" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:ssh2_easy:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1.4", - "matchCriteriaId": "BF8F2CB1-E7F2-4900-A396-9CD3A0F02346" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3064", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41940", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.027", - "lastModified": "2023-09-11T17:49:38.180", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins TAP Plugin 2.3 and earlier does not escape TAP file contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control TAP file contents." - }, - { - "lang": "es", - "value": "El complemento Jenkins TAP 2.3 y versiones anteriores no escapan al contenido del archivo TAP, lo que resulta en una vulnerabilidad de cross-site scripting (XSS) almacenado explotable por atacantes capaces de controlar el contenido del archivo TAP." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:tap:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "2.3", - "matchCriteriaId": "2B0E63ED-B349-4EAF-B9DE-71113ED858F3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3190", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41941", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.107", - "lastModified": "2023-09-11T18:44:44.843", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall\/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins." - }, - { - "lang": "es", - "value": "Una comprobación de permisos faltante en el complemento Jenkins AWS CodeCommit Trigger 3.0.12 y versiones anteriores permite a los atacantes con permiso Overall\/Read enumerar los ID de credenciales de las credenciales de AWS almacenadas en Jenkins." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:aws_codecommit_trigger:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "3.0.12", - "matchCriteriaId": "8C6ACF0F-A36C-468E-AFBA-F0004DCC931F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3101%20(1)", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41942", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.217", - "lastModified": "2023-09-11T18:43:21.273", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Jenkins AWS CodeCommit Trigger 3.0.12y anterior permite a los atacantes vaciar la cola SQS." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:aws_codecommit_trigger:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "3.0.12", - "matchCriteriaId": "8C6ACF0F-A36C-468E-AFBA-F0004DCC931F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3101%20(2)", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41943", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.433", - "lastModified": "2023-09-11T18:40:55.260", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall\/Read permission to clear the SQS queue." - }, - { - "lang": "es", - "value": "El plugin de Jenkins AWS CodeCommit Trigger en la versión 3.0.12 y anteriores no realiza una comprobación de permisos en un endpoint HTTP, permitiendo a atacantes con permiso Overall\/Read vaciar la cola SQS. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:aws_codecommit_trigger:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "3.0.12", - "matchCriteriaId": "8C6ACF0F-A36C-468E-AFBA-F0004DCC931F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3101%20(2)", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41944", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.553", - "lastModified": "2023-09-11T18:37:32.990", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability." - }, - { - "lang": "es", - "value": "El plugin Jenkins AWS CodeCommit Trigger 3.0.12 y anterior no escapa al parámetro de nombre de cola pasado a una URL de validación de formulario al renderizar un mensaje de error, lo que resulta en una vulnerabilidad de inyección HTML." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:aws_codecommit_trigger:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "3.0.12", - "matchCriteriaId": "8C6ACF0F-A36C-468E-AFBA-F0004DCC931F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3102", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41945", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.770", - "lastModified": "2023-09-11T19:07:22.307", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall\/Manage and Overall\/SystemRead permissions, even if those permissions are disabled and should not be granted." - }, - { - "lang": "es", - "value": "El complemento Jenkins Assembla Auth 1.14 y versiones anteriores no verifican que los permisos que concede estén habilitados, lo que hace que a los usuarios con permisos EDIT se les otorguen permisos Overall\/Manage y Overall\/SystemRead, incluso si esos permisos están deshabilitados y no deben concederse." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:assembla_auth:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1.14", - "matchCriteriaId": "58175D24-70D9-48A1-83E8-1C019C9C32DF" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3065", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41946", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.887", - "lastModified": "2023-09-11T19:07:01.407", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified username." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Jenkins Frugal Testing 1.1 y versiones anteriores permite a los atacantes conectarse a Frugal Testing utilizando credenciales especificadas por el atacante y recuperar ID y nombres de prueba de Frugal Testing, si una credencial válida corresponde al nombre de usuario especificado por el atacante." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.5, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 2.1, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:frugal_testing:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1.1", - "matchCriteriaId": "F9A50DC0-0C81-4FFE-9983-9F77A40B7D8F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3082", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41947", - "sourceIdentifier": "jenkinsci-cert@googlegroups.com", - "published": "2023-09-06T13:15:11.973", - "lastModified": "2023-09-11T19:06:49.680", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall\/Read permission to connect to Frugal Testing using attacker-specified credentials." - }, - { - "lang": "es", - "value": "Una comprobación de permisos faltante en el complemento Jenkins Frugal Testing 1.1 y versiones anteriores permite a los atacantes con permiso Overall\/Read conectarse a Frugal Testing utilizando credenciales especificadas por el atacante." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:frugal_testing:*:*:*:*:*:jenkins:*:*", - "versionEndIncluding": "1.1", - "matchCriteriaId": "F9A50DC0-0C81-4FFE-9983-9F77A40B7D8F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/06\/9", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.jenkins.io\/security\/advisory\/2023-09-06\/#SECURITY-3082", - "source": "jenkinsci-cert@googlegroups.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-21088", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:08.053", - "lastModified": "2023-09-12T13:37:54.643", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 2020.013.20074 (y anteriores), 2020.001.30018 (y anteriores) y 2017.011.30188 (y anteriores) de Acrobat Reader DC están afectadas por una vulnerabilidad de use-after-free. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30190", - "matchCriteriaId": "1823787E-E1F3-4AC6-976D-D90EAF030ACB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.001.30020", - "matchCriteriaId": "BEE5B07B-477D-4A72-83A9-18389934697B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndExcluding": "21.001.20135", - "matchCriteriaId": "BDF96AFA-EF1D-4677-81D4-2775CFE39E95" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30190", - "matchCriteriaId": "957DB783-FE3C-4202-9EE1-43ADA2A160CD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.001.30020", - "matchCriteriaId": "F91DD5E6-B165-4462-9E8E-C6C773A62188" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndExcluding": "21.001.20135", - "matchCriteriaId": "0C26D048-87CF-463E-9666-DD9FBD507C91" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb21-09.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-28644", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:08.390", - "lastModified": "2023-09-12T14:11:58.857", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 2021.005.20054 (y anteriores), 2020.004.30005 (y anteriores) y 2017.011.30197 (y anteriores) de Acrobat Reader DC están afectadas por una vulnerabilidad de Path traversal. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30199", - "matchCriteriaId": "E96C30E4-DBB4-4C88-9E71-4459A11859DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.004.30006", - "matchCriteriaId": "D434CD4B-0BB9-4F5F-9001-836A3620FD8D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndExcluding": "21.005.20058", - "matchCriteriaId": "48A31AA5-A68F-4CA9-B192-B29C80AE58F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30199", - "matchCriteriaId": "C0444DF8-F6C9-4608-9D09-F0474B7D0E30" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.004.30006", - "matchCriteriaId": "776F4421-5C68-4878-8E63-E2AA02F04815" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndExcluding": "21.005.20058", - "matchCriteriaId": "5DFEFCD7-5267-49A9-87EB-A05D54EB23C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb21-51.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-35980", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:08.593", - "lastModified": "2023-09-12T14:24:43.123", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 2021.005.20054 (y anteriores), 2020.004.30005 (y anteriores) y 2017.011.30197 (y anteriores) de Acrobat Reader DC están afectadas por una vulnerabilidad de Path traversal. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30199", - "matchCriteriaId": "E96C30E4-DBB4-4C88-9E71-4459A11859DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.004.30006", - "matchCriteriaId": "D434CD4B-0BB9-4F5F-9001-836A3620FD8D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndExcluding": "21.005.20058", - "matchCriteriaId": "48A31AA5-A68F-4CA9-B192-B29C80AE58F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30199", - "matchCriteriaId": "C0444DF8-F6C9-4608-9D09-F0474B7D0E30" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.004.30006", - "matchCriteriaId": "776F4421-5C68-4878-8E63-E2AA02F04815" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndExcluding": "21.005.20058", - "matchCriteriaId": "5DFEFCD7-5267-49A9-87EB-A05D54EB23C4" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb21-51.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-36021", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:08.767", - "lastModified": "2023-09-14T13:15:07.410", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code execution on the system. " - }, - { - "lang": "es", - "value": "Las versiones 2.4.2 (y anteriores), 2.4.2-p1 (y anteriores) y 2.3.7 (y anteriores) de Magento están afectadas por una vulnerabilidad de validación de entrada Incorrecta dentro de la función de actualización programada de la página CMS. Un atacante autenticado con privilegios administrativos podría aprovechar esta vulnerabilidad para lograr la ejecución remota de código en el sistema." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", - "versionEndExcluding": "2.3.7", - "matchCriteriaId": "727FB993-9F35-40EA-BF41-E4757F21C5FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", - "versionEndExcluding": "2.3.7", - "matchCriteriaId": "9DF037A1-026B-4083-97FB-13578A56326C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", - "versionStartIncluding": "2.4.0", - "versionEndExcluding": "2.4.2", - "matchCriteriaId": "FEBAEE65-BE3C-45B8-A321-F24F90495906" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", - "versionStartIncluding": "2.4.0", - "versionEndExcluding": "2.4.2", - "matchCriteriaId": "6A81A9D5-8570-430F-AD20-BEBEC3151865" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:commerce:*:*:*", - "matchCriteriaId": "F124A6F4-E3B3-4065-970D-963BAAAD59CB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:open_source:*:*:*", - "matchCriteriaId": "4F1E5426-A646-4EC1-902A-FD30B00AD1AA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:commerce:*:*:*", - "matchCriteriaId": "58C98B8D-6E7B-44FA-8C73-D2AA1DC0A074" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:open_source:*:*:*", - "matchCriteriaId": "930C8AEF-C433-4CF9-AC81-7CCFC3EDFD48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:commerce:*:*:*", - "matchCriteriaId": "68A6F795-960A-42F0-96BA-2E3D912F3E1A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:open_source:*:*:*", - "matchCriteriaId": "E9CD54D8-4E55-4437-B762-A68F2BE62CF3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/magento\/apsb21-64.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-36023", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:08.950", - "lastModified": "2023-09-11T19:05:35.687", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution." - }, - { - "lang": "es", - "value": "Las versiones 2.4.2 (y anteriores), 2.4.2-p1 (y anteriores) y 2.3.7 (y anteriores) de Magento Commerce están afectadas por una vulnerabilidad de inyección XML en el diseño de actualización de widgets. Un atacante con privilegios de administrador puede desencadenar un script especialmente manipulado para lograr la ejecución remota de código." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 2.3, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", - "versionEndExcluding": "2.3.7", - "matchCriteriaId": "727FB993-9F35-40EA-BF41-E4757F21C5FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", - "versionEndExcluding": "2.3.7", - "matchCriteriaId": "9DF037A1-026B-4083-97FB-13578A56326C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", - "versionStartIncluding": "2.4.0", - "versionEndExcluding": "2.4.2", - "matchCriteriaId": "FEBAEE65-BE3C-45B8-A321-F24F90495906" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", - "versionStartIncluding": "2.4.0", - "versionEndExcluding": "2.4.2", - "matchCriteriaId": "6A81A9D5-8570-430F-AD20-BEBEC3151865" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:commerce:*:*:*", - "matchCriteriaId": "F124A6F4-E3B3-4065-970D-963BAAAD59CB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:open_source:*:*:*", - "matchCriteriaId": "4F1E5426-A646-4EC1-902A-FD30B00AD1AA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:commerce:*:*:*", - "matchCriteriaId": "58C98B8D-6E7B-44FA-8C73-D2AA1DC0A074" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:open_source:*:*:*", - "matchCriteriaId": "930C8AEF-C433-4CF9-AC81-7CCFC3EDFD48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:commerce:*:*:*", - "matchCriteriaId": "68A6F795-960A-42F0-96BA-2E3D912F3E1A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:open_source:*:*:*", - "matchCriteriaId": "E9CD54D8-4E55-4437-B762-A68F2BE62CF3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/magento\/apsb21-64.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-36036", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:09.110", - "lastModified": "2023-09-14T13:15:07.770", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege can gain access to delete the .htaccess file. This could result in the attacker achieving remote code execution." - }, - { - "lang": "es", - "value": "Las versiones 2.4.2 (y anteriores), 2.4.2-p1 (y anteriores) y 2.3.7 (y anteriores) de Magento están afectadas por una vulnerabilidad de control de acceso incorrecta dentro del flujo de trabajo de Magento's Media Gallery Upload. Al almacenar un archivo especialmente manipulado en la galería del sitio web, un atacante autenticado con privilegios administrativos puede obtener acceso para eliminar el archivo .htaccess. Esto podría provocar que el atacante logre la ejecución remota de código." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-284" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", - "versionEndExcluding": "2.3.7", - "matchCriteriaId": "727FB993-9F35-40EA-BF41-E4757F21C5FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", - "versionEndExcluding": "2.3.7", - "matchCriteriaId": "9DF037A1-026B-4083-97FB-13578A56326C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:commerce:*:*:*", - "versionStartIncluding": "2.4.0", - "versionEndExcluding": "2.4.2", - "matchCriteriaId": "FEBAEE65-BE3C-45B8-A321-F24F90495906" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*", - "versionStartIncluding": "2.4.0", - "versionEndExcluding": "2.4.2", - "matchCriteriaId": "6A81A9D5-8570-430F-AD20-BEBEC3151865" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:commerce:*:*:*", - "matchCriteriaId": "F124A6F4-E3B3-4065-970D-963BAAAD59CB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.3.7:-:*:*:open_source:*:*:*", - "matchCriteriaId": "4F1E5426-A646-4EC1-902A-FD30B00AD1AA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:commerce:*:*:*", - "matchCriteriaId": "58C98B8D-6E7B-44FA-8C73-D2AA1DC0A074" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:-:*:*:open_source:*:*:*", - "matchCriteriaId": "930C8AEF-C433-4CF9-AC81-7CCFC3EDFD48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:commerce:*:*:*", - "matchCriteriaId": "68A6F795-960A-42F0-96BA-2E3D912F3E1A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:magento:magento:2.4.2:p1:*:*:open_source:*:*:*", - "matchCriteriaId": "E9CD54D8-4E55-4437-B762-A68F2BE62CF3" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/magento\/apsb21-64.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-36060", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:09.283", - "lastModified": "2023-09-11T19:04:06.557", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Media Encoder version 15.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Adobe Media Encoder versión 15.2 (y anteriores) está afectado por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para omitir mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario en el sentido de que una víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.4", - "matchCriteriaId": "8834BF85-8F99-4DB9-AA68-ED14A766E719" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/media-encoder\/apsb21-43.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-39859", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-06T14:15:09.477", - "lastModified": "2023-09-12T14:38:54.530", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 2021.005.20060 (y anteriores), 2020.004.30006 (y anteriores) y 2017.011.30199 (y anteriores) de Acrobat Reader DC están afectadas por una vulnerabilidad de use-after-free que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para omitir mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndIncluding": "21.005.20060", - "matchCriteriaId": "CF7CE88B-935B-47AA-B351-B232E72E851C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndIncluding": "21.005.20060", - "matchCriteriaId": "92248FB9-6322-4DCC-A904-21C88EFE9E87" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndIncluding": "21.005.20058", - "matchCriteriaId": "A8FDCFE4-9D35-40E2-B771-D948FE26FF8D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", - "versionStartIncluding": "15.007.20033", - "versionEndIncluding": "21.005.20058", - "matchCriteriaId": "1664B219-4DA0-481C-BE2E-9BECB75C2D44" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30202", - "matchCriteriaId": "5DF67B6D-9F64-4F63-BFB6-A5F79C16CBD9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.004.30015", - "matchCriteriaId": "9760647E-33E4-44AD-9169-E2FF7EFCA395" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "17.011.30180", - "versionEndExcluding": "17.011.30202", - "matchCriteriaId": "EF9D60AA-B708-43F1-A90B-119AAE407800" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.001.30005", - "versionEndExcluding": "20.004.30015", - "matchCriteriaId": "07430451-D6E3-4F3A-8C31-B2C2C2E2DD27" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb21-55.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32672", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T14:15:10.297", - "lastModified": "2023-09-12T14:45:56.303", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An Incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not have proper access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability.\n\n" - }, - { - "lang": "es", - "value": "Una comprobación de autorización incorrecta en SQLLab en las versiones de Apache Superset hasta 2.1.0 incluida. Esta vulnerabilidad permite a un usuario autenticado consultar tablas a las que no tiene acceso adecuado dentro de Superset. La vulnerabilidad puede ser explotada aprovechando una vulnerabilidad de análisis SQL." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "security@apache.org", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/lists.apache.org\/thread\/ococ6nlj80f0okkwfwpjczy3q84j3wkp", - "source": "security@apache.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37941", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T14:15:10.483", - "lastModified": "2023-10-13T16:15:11.220", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Python object that may lead to remote code execution on Superset's web backend.\n\nThe Superset metadata db is an 'internal' component that is typically \nonly accessible directly by the system administrator and the superset \nprocess itself. Gaining access to that database should\n be difficult and require significant privileges.\n\nThis vulnerability impacts Apache Superset versions 1.5.0 up to and including 2.1.0. Users are recommended to upgrade to version 2.1.1 or later.\n\n" - }, - { - "lang": "es", - "value": "Si un atacante obtiene acceso de escritura a la base de datos de metadatos de Apache Superset, podría conservar un objeto Python específicamente manipulado que puede conducir a la ejecución remota de código en el backend web de Superset. La base de datos de metadatos del Superset es un componente \"interno\" al que normalmente solo pueden acceder directamente el administrador del sistema y el propio proceso del Superset. Obtener acceso a esa base de datos debería ser difícil y requerir importantes privilegios. Esta vulnerabilidad afecta a las versiones 1.5.0 de Apache Superset hasta la 2.1.0 incluida. Se recomienda a los usuarios actualizar a la versión 2.1.1 o posterior." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.7, - "impactScore": 5.9 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.7, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security@apache.org", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.5.0", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "194D69D9-4F2A-4F75-BFFF-134E4F2352D6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/packetstormsecurity.com\/files\/175094\/Apache-Superset-2.0.0-Remote-Code-Execution.html", - "source": "security@apache.org" - }, - { - "url": "https:\/\/lists.apache.org\/thread\/6qk1zscc06yogxxfgz2bh2bvz6vh9g7h", - "source": "security@apache.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39265", - "sourceIdentifier": "security@apache.org", - "published": "2023-09-06T14:15:10.687", - "lastModified": "2023-10-13T16:15:11.357", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is using a SQLite database for its metadata (not advised for production use) it could result in more severe vulnerabilities related to confidentiality and integrity. This vulnerability exists in Apache Superset versions up to and including 2.1.0." - }, - { - "lang": "es", - "value": "Apache Superset permitiría que las conexiones de bases de datos SQLite se registraran incorrectamente cuando un atacante utiliza nombres de controladores alternativos como sqlite+pysqlite o utiliza importaciones de bases de datos. Esto podría permitir la creación inesperada de archivos en los servidores web Superset. Además, si Apache Superset utiliza una base de datos SQLite para sus metadatos (no recomendado para uso en producción), podría generar vulnerabilidades más graves relacionadas con la confidencialidad y la integridad. Esta vulnerabilidad existe en las versiones de Apache Superset hasta la 2.1.0 incluida." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 2.5 - }, - { - "source": "security@apache.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 3.8, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.2, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "security@apache.org", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.1.0", - "matchCriteriaId": "A5C7318E-1118-457F-A2BC-8B9400AE7C3C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/packetstormsecurity.com\/files\/175094\/Apache-Superset-2.0.0-Remote-Code-Execution.html", - "source": "security@apache.org" - }, - { - "url": "https:\/\/lists.apache.org\/thread\/pwdzsdmv4g5g1n2h9m7ortfnxmhr7nfy", - "source": "security@apache.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3777", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:10.860", - "lastModified": "2023-11-29T15:15:08.393", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nWhen nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances.\n\nWe recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Use-After-Free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para lograr una escalada de privilegios local. Cuando nf_tables_delrule() vacía las reglas de la tabla, no se verifica si la cadena está vinculada y la regla del propietario de la cadena también puede liberar los objetos en determinadas circunstancias. Recomendamos actualizar al pasado commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "5.9.0", - "matchCriteriaId": "C9CA5EDA-9CA4-49FA-AF86-7B150825868E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.0", - "versionEndExcluding": "6.5", - "matchCriteriaId": "E353C344-905E-463B-B603-D89D28061B43" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", - "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", - "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", - "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", - "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", - "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/packetstormsecurity.com\/files\/175072\/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "http:\/\/packetstormsecurity.com\/files\/175963\/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html", - "source": "cve-coordination@google.com" - }, - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8", - "source": "cve-coordination@google.com", - "tags": [ - "Issue Tracking", - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8", - "source": "cve-coordination@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5492", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4015", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:11.093", - "lastModified": "2023-12-12T14:31:41.517", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nOn an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can lead unbinding the chain and objects be deactivated but later used.\n\nWe recommend upgrading past commit 0a771f7b266b02d262900c75f1e175c7fe76fec2.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad de use-after-free en el netfilter del kernel de Linux: nf_tables componente puede ser explotado para lograr la escalada de privilegios locales. En un error al crear una regla nftables, desactivar expresiones inmediatas en nft_immediate_deactivate() puede llevar a desenlazar la cadena y los objetos se desactiven pero se usen más tarde. Recomendamos actualizar al commit anterior 0a771f7b266b02d262900c75f1e175c7fe76fec2." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.9", - "versionEndExcluding": "5.10.190", - "matchCriteriaId": "B2E42FC7-96D9-4DBC-B4C8-07C938D28182" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.11", - "versionEndExcluding": "5.15.124", - "matchCriteriaId": "C069F09E-CA06-47B3-850D-ED23A9F4C096" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.16", - "versionEndExcluding": "6.1.43", - "matchCriteriaId": "A9E3E7AD-3EAC-485A-8673-5A89FB889587" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.2", - "versionEndExcluding": "6.4.8", - "matchCriteriaId": "6F5CB671-C757-4B7A-B3D3-283AFE20F0D7" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=0a771f7b266b02d262900c75f1e175c7fe76fec2", - "source": "cve-coordination@google.com", - "tags": [ - "Issue Tracking", - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/0a771f7b266b02d262900c75f1e175c7fe76fec2", - "source": "cve-coordination@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5492", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4206", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:11.280", - "lastModified": "2024-02-15T15:57:06.697", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's net\/sched: cls_route component can be exploited to achieve local privilege escalation.\n\nWhen route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.\n\nWe recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad de use-after-free en el componente net\/sched: cls_route del kernel de Linux se puede explotar para lograr una escalada de privilegios local. Cuando se llama a route4_change() en un filtro existente, toda la estructura tcf_result siempre se copia en la nueva instancia del filtro. Esto causa un problema al actualizar un filtro vinculado a una clase, ya que siempre se llama a tcf_unbind_filter() en la instancia anterior en la ruta exitosa, lo que disminuye filter_cnt de la clase a la que todavía se hace referencia y permite que se elimine, lo que lleva a un use-after-free. Recomendamos actualizar al commit anterior b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.18", - "versionEndExcluding": "4.14.322", - "matchCriteriaId": "1F7D3B5B-3896-4B9A-A0DF-07217A321EA9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "4.15", - "versionEndExcluding": "4.19.291", - "matchCriteriaId": "D2D2CA9F-4CC4-4AF5-8C6D-E58415AB782E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "4.20", - "versionEndExcluding": "5.4.253", - "matchCriteriaId": "0707E9FF-8CDE-4AC1-98F3-5BB74EF88F8A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.5", - "versionEndExcluding": "5.10.190", - "matchCriteriaId": "B8DECE4F-2D62-4976-B338-963015198AC8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.11", - "versionEndExcluding": "5.15.126", - "matchCriteriaId": "C552AC9E-23B8-4D7D-AA26-57985BD93962" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.16", - "versionEndExcluding": "6.1.45", - "matchCriteriaId": "A0CA013D-55AF-4494-A931-AFC8EA64E875" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.2", - "versionEndExcluding": "6.4.10", - "matchCriteriaId": "7BB0D94C-4FCE-46F4-A8D4-062D6A84627A" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8", - "source": "cve-coordination@google.com", - "tags": [ - "Issue Tracking", - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8", - "source": "cve-coordination@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/01\/msg00004.html", - "source": "cve-coordination@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5492", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4207", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:11.453", - "lastModified": "2024-02-05T19:55:24.707", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's net\/sched: cls_fw component can be exploited to achieve local privilege escalation.\n\nWhen fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.\n\nWe recommend upgrading past commit 76e42ae831991c828cffa8c37736ebfb831ad5ec.\n\n" - }, - { - "lang": "es", - "value": "Se puede explotar una vulnerabilidad de use-after-free en el componente Linux kernel's net\/sched: cls_fw para conseguir una escalada local de privilegios. Cuando se llama a fw_change() en un filtro existente, toda la estructura tcf_result se copia siempre en la nueva instancia del filtro.Esto causa un problema cuando se actualiza un filtro vinculado a una clase, ya que tcf_unbind_filter() siempre llama a la instancia antigua en la ruta de éxito, disminuyendo filter_cnt de la clase aún referenciada y permitiendo que se elimine, lo que lleva a un Use After Free. Recomendamos actualizar el commit a partir de 76e42ae831991c828cffa8c37736ebfb831ad5ec." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.18", - "versionEndExcluding": "4.14.326", - "matchCriteriaId": "8E857727-2DE9-4334-8C95-B7FB874F17C9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "4.15", - "versionEndExcluding": "4.19.295", - "matchCriteriaId": "D419C7D6-F33D-4EF8-8950-1CB5DDF6A55D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "4.20", - "versionEndExcluding": "5.4.253", - "matchCriteriaId": "0707E9FF-8CDE-4AC1-98F3-5BB74EF88F8A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.5", - "versionEndExcluding": "5.10.190", - "matchCriteriaId": "B8DECE4F-2D62-4976-B338-963015198AC8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.11", - "versionEndExcluding": "5.15.126", - "matchCriteriaId": "C552AC9E-23B8-4D7D-AA26-57985BD93962" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.16", - "versionEndExcluding": "6.1.45", - "matchCriteriaId": "A0CA013D-55AF-4494-A931-AFC8EA64E875" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.2", - "versionEndExcluding": "6.4.10", - "matchCriteriaId": "7BB0D94C-4FCE-46F4-A8D4-062D6A84627A" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=76e42ae831991c828cffa8c37736ebfb831ad5ec", - "source": "cve-coordination@google.com", - "tags": [ - "Issue Tracking", - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/76e42ae831991c828cffa8c37736ebfb831ad5ec", - "source": "cve-coordination@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/01\/msg00004.html", - "source": "cve-coordination@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5492", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4208", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:11.627", - "lastModified": "2024-02-15T15:57:17.537", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's net\/sched: cls_u32 component can be exploited to achieve local privilege escalation.\n\nWhen u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.\n\nWe recommend upgrading past commit 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Use After Free en el componente net\/sched: cls_u32 del kernel de Linux puede ser explotada para conseguir una escalada local de privilegios. Cuando se llama a u32_change() en un filtro existente, toda la estructura tcf_result se copia siempre en la nueva instancia del filtro. Esto causa un problema cuando se actualiza un filtro vinculado a una clase, ya que tcf_unbind_filter() siempre llama a la instancia antigua en la ruta de éxito, disminuyendo filter_cnt de la clase aún referenciada y permitiendo que se elimine, lo que lleva a un Use After Free. Recomendamos actualizar el commit a partir de 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.18", - "versionEndExcluding": "4.14.322", - "matchCriteriaId": "1F7D3B5B-3896-4B9A-A0DF-07217A321EA9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "4.15", - "versionEndExcluding": "4.19.291", - "matchCriteriaId": "D2D2CA9F-4CC4-4AF5-8C6D-E58415AB782E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "4.20", - "versionEndExcluding": "5.4.253", - "matchCriteriaId": "0707E9FF-8CDE-4AC1-98F3-5BB74EF88F8A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.5", - "versionEndExcluding": "5.10.190", - "matchCriteriaId": "B8DECE4F-2D62-4976-B338-963015198AC8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.11", - "versionEndExcluding": "5.15.126", - "matchCriteriaId": "C552AC9E-23B8-4D7D-AA26-57985BD93962" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.16", - "versionEndExcluding": "6.1.45", - "matchCriteriaId": "A0CA013D-55AF-4494-A931-AFC8EA64E875" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.2", - "versionEndExcluding": "6.4.10", - "matchCriteriaId": "7BB0D94C-4FCE-46F4-A8D4-062D6A84627A" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81", - "source": "cve-coordination@google.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81", - "source": "cve-coordination@google.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/01\/msg00004.html", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5492", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4244", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:11.877", - "lastModified": "2024-01-11T19:15:11.990", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nDue to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability.\n\nWe recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad de use-after-free en el netfilter del kernel de Linux: nf_tables componente puede ser explotado para lograr la escalada de privilegios locales. Debido a una condición de ejecución entre nf_tables transacción del plano de control de enlace de red y la recolección de elementos no utilizados de nft_set, es posible desbordar el contador de referencia causando una vulnerabilidad de use-after-free. Recomendamos actualizar al commit anterior 3e91b0ebd994635df2346353322ac51ce84ce6d8." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.0, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.5", - "matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", - "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=3e91b0ebd994635df2346353322ac51ce84ce6d8", - "source": "cve-coordination@google.com", - "tags": [ - "Issue Tracking", - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/3e91b0ebd994635df2346353322ac51ce84ce6d8", - "source": "cve-coordination@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/10\/msg00027.html", - "source": "cve-coordination@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/01\/msg00004.html", - "source": "cve-coordination@google.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4621", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:12.033", - "lastModified": "2023-11-07T04:22:47.893", - "vulnStatus": "Rejected", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4569." - } - ], - "metrics": {}, - "references": [] - } - }, - { - "cve": { - "id": "CVE-2023-4622", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:12.193", - "lastModified": "2024-01-11T19:15:12.097", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\n" - }, - { - "lang": "es", - "value": "Se puede explotar una vulnerabilidad de use-after-free en el componente Linux kernel's af_unix para lograr una escalada de privilegios local. La función unix_stream_sendpage() intenta añadir datos al último skb en la cola peer's recv sin bloquear la cola. Por lo tanto, existe una carrera donde unix_stream_sendpage() podría acceder a un skb sin bloqueo que está siendo liberado mediante la recolección de basura, resultando en use-after-free. Recomendamos actualizar después del commit 790c2f9d15b594350ae9bca7b236f2b1859de02c." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.0, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "4.2", - "versionEndExcluding": "6.1.47", - "matchCriteriaId": "E2B663A2-B1DE-4295-920F-3DEB478483C2" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", - "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", - "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/packetstormsecurity.com\/files\/175963\/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html", - "source": "cve-coordination@google.com" - }, - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/stable\/linux.git\/commit\/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c", - "source": "cve-coordination@google.com", - "tags": [ - "Issue Tracking", - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/790c2f9d15b594350ae9bca7b236f2b1859de02c", - "source": "cve-coordination@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/10\/msg00027.html", - "source": "cve-coordination@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/01\/msg00004.html", - "source": "cve-coordination@google.com" - }, - { - "url": "https:\/\/www.debian.org\/security\/2023\/dsa-5492", - "source": "cve-coordination@google.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4623", - "sourceIdentifier": "cve-coordination@google.com", - "published": "2023-09-06T14:15:12.357", - "lastModified": "2024-01-11T19:15:12.260", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A use-after-free vulnerability in the Linux kernel's net\/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.\n\n" - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Use After Free en el componente net\/sched: sch_hfsc (HFSC qdisc traffic control) del kernel de Linux puede ser explotada para conseguir una escalada local de privilegios. Si una clase con una curva de compartición de enlaces (es decir, con la flag HFSC_FSC establecida) tiene un padre sin una curva de compartición de enlaces, entonces init_vf() llamará a vttree_insert() en el padre, pero vttree_remove() se omitirá en update_vf(). Esto deja un puntero colgando que puede causar un Use-After-Free. Recomendamos actualizar desde el commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "cve-coordination@google.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "2.6.12", - "versionEndExcluding": "6.6", - "matchCriteriaId": "61BB9C3D-67A1-4EDE-AEDD-6460508C0A7E" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", - "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/packetstormsecurity.com\/files\/175963\/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html", - "source": "cve-coordination@google.com" - }, - { - "url": "https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f", - "source": "cve-coordination@google.com", - "tags": [ - "Issue Tracking", - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/kernel.dance\/b3d26c5702c7d6c45456326e56d2ccf3f103e60f", - "source": "cve-coordination@google.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2023\/10\/msg00027.html", - "source": "cve-coordination@google.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/lists.debian.org\/debian-lts-announce\/2024\/01\/msg00004.html", - "source": "cve-coordination@google.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-36646", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-06T17:15:49.873", - "lastModified": "2023-09-11T18:06:39.920", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A Cross Site Scrtpting (XSS) vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via \/index.php page." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Cross Site Scrtpting (XSS) en KodExplorer 4.45 permite a los atacantes remotos ejecutar código arbitrario a través de la página \/index.php.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:kodcloud:kodexplorer:4.45:*:*:*:*:*:*:*", - "matchCriteriaId": "2DDC782B-E8E9-4B75-AF51-2F3A90B7A6A1" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/kalcaddle\/KodExplorer\/issues\/482", - "source": "cve@mitre.org", - "tags": [ - "Issue Tracking", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20250", - "sourceIdentifier": "ykramarz@cisco.com", - "published": "2023-09-06T17:15:50.100", - "lastModified": "2024-01-25T17:15:41.117", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device.\r\n\r This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en la interfaz de administración basada en web de los Routers de Cisco Small Business RV110W, RV130, RV130W y RV215W podría permitir que un atacante remoto autenticado ejecute código arbitrario en un dispositivo afectado. Esta vulnerabilidad se debe a una validación inadecuada de las solicitudes que se envían a la interfaz web de administración. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a la interfaz web de administración. Un exploit exitoso podría permitir al atacante ejecutar código arbitrario con privilegios de root en un dispositivo afectado. Para aprovechar esta vulnerabilidad, el atacante debe tener credenciales de administrador válidas en el dispositivo afectado." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-121" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "85BD0509-E217-46CF-94CC-4AB78B6BA81D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.0.21:*:*:*:*:*:*:*", - "matchCriteriaId": "8AF492FA-ADEF-4AC6-B3B2-5526D6AF9433" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.0.30:*:*:*:*:*:*:*", - "matchCriteriaId": "12E9CC14-F5E2-481C-AD37-CB9CCCD00B55" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "4EE93940-8109-43B9-B507-5B56ED579A99" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "0C47E6A4-A40C-4514-A3BE-5032DA06FDF3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "29A1B2ED-BE93-4555-ACA3-4FB2C08A027C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.1.99:*:*:*:*:*:*:*", - "matchCriteriaId": "AEA3F230-09E1-4B1B-9B4E-AA7845963252" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "505CEC40-9FC2-4480-BC50-07FD412925D5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.2.99:*:*:*:*:*:*:*", - "matchCriteriaId": "132D6E49-9EB7-4CDB-AC43-F9837D07BE2B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "2997345F-5C60-4F09-A76F-015E055B87B7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "0C342BE5-6443-48EC-96B7-31BEB46EBC2F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.22:*:*:*:*:*:*:*", - "matchCriteriaId": "CED99113-35C3-40A6-AEF0-787EC30F3E8E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.28:*:*:*:*:*:*:*", - "matchCriteriaId": "BE17D881-2549-404B-A691-69A94C776595" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.44:*:*:*:*:*:*:*", - "matchCriteriaId": "4A41582B-1C06-4670-BBE5-F91D3383B7DD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.45:*:*:*:*:*:*:*", - "matchCriteriaId": "CD675BFB-AAB0-4818-89F2-D624FCDBF516" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.51:*:*:*:*:*:*:*", - "matchCriteriaId": "F4DD0B2C-B62D-43DB-ACA6-BD715E6C1D69" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.52:*:*:*:*:*:*:*", - "matchCriteriaId": "1160B6A0-074A-4DC1-9268-4A15F2C75C64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.54:*:*:*:*:*:*:*", - "matchCriteriaId": "E50E1386-D836-436D-A5BC-ACF1AF922F33" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.55:*:*:*:*:*:*:*", - "matchCriteriaId": "670BF7A6-F2C1-4CD4-B6E6-208C95A32E57" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.1.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "E8B4AA64-B0EC-428A-8D1D-022C3B5F1F33" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.1.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "66E9978B-498F-46AA-9093-C13DD076EE39" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.1.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "5D028A9A-4CDF-4B67-829B-7B7E742FF04C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "CA9988BE-4A76-44B2-9197-977B379C22B4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "9F712711-18F7-4FB8-8EBC-B42DC59B67A7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.0.10:*:*:*:*:*:*:*", - "matchCriteriaId": "97FC925D-46ED-4AB5-B55B-64C2A0F131AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.0.14:*:*:*:*:*:*:*", - "matchCriteriaId": "2BE05619-C8C9-4BD9-9357-11BF197EBB34" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.0.15:*:*:*:*:*:*:*", - "matchCriteriaId": "C0C90303-7941-4B80-A0AB-EB5EBB7D0180" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "91BDFF21-AD3E-4DA8-9F54-B897E784C85F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "466E481B-7DD9-4AA0-B5E5-75BBE3820190" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "D742A59B-AC7F-4249-AC40-44C63BECC86C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "7A069D95-07D8-435B-B7BB-98785F930C74" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "57701D90-EEC9-4105-9633-673EFCD69BC3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "B1A70E10-227E-44E2-8558-58B37CCF63D4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.2.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "FF28AEEA-34F1-40F1-ACDC-25FDD56EA282" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "DEAE8829-4F41-42CD-81C1-C2A0160254BE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.0.7:*:*:*:*:*:*:*", - "matchCriteriaId": "133B77B5-F9D5-48DC-B197-BDBE6704DDDF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "054EA087-0584-42F8-A7CF-84A6A964E627" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "429D901C-359F-4250-8C49-D032C03728B9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "455E3BAA-D45F-4502-92A4-770EC05BE781" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "BA113E1F-35E5-4D11-8D18-85AE8415E027" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "E6E7CD5D-6AD6-4028-A1DE-DC38E96BE8AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv110w_firmware:1.3.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "818DD411-2312-4BC8-8909-8392B26EDA7B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "20E8ECAC-E842-41DB-9612-9374A9648DC2" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "C28C88A2-4E12-4FAB-B9CD-88FAD97D28F1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.0.21:*:*:*:*:*:*:*", - "matchCriteriaId": "93CFB437-9467-406D-AD7B-F1E669110394" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.0.30:*:*:*:*:*:*:*", - "matchCriteriaId": "D03E1ABF-BCAA-4559-A5E6-78FAC4A7226A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "284BFD6A-E8EA-4E25-94F8-3C7285D77662" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "DCEAE05F-9820-4B74-BE69-15EFBB17912B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "298D0C39-083A-45C4-BD25-FA625C876B14" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.1.99:*:*:*:*:*:*:*", - "matchCriteriaId": "379B2D64-6410-4398-9180-EE058F54F11F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "E70BC0DA-E0C2-4C00-B773-22BA22E73565" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.2.99:*:*:*:*:*:*:*", - "matchCriteriaId": "BFA2771F-A24F-4588-A2F1-BD2302ECAC46" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "D5C936A7-1483-4A0E-850B-F618C4D34954" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "6208D4F9-2364-4B8B-9E0A-5A8CB8C9BCA8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.22:*:*:*:*:*:*:*", - "matchCriteriaId": "F03BC6F9-7C9C-43F3-B456-275AD8573BF1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.28:*:*:*:*:*:*:*", - "matchCriteriaId": "31C6658C-2F10-4606-9F4A-C2F11E9C97FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.44:*:*:*:*:*:*:*", - "matchCriteriaId": "58880230-54F3-45E9-9F0C-079E1D62AC87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.45:*:*:*:*:*:*:*", - "matchCriteriaId": "4B29E20E-C0F0-4C9C-AA08-7307773EBB18" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.51:*:*:*:*:*:*:*", - "matchCriteriaId": "CABF35FC-ADA8-4685-AE64-59E154A647A3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.52:*:*:*:*:*:*:*", - "matchCriteriaId": "317F8BC3-73D9-4277-9213-5CA1DE80356D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.54:*:*:*:*:*:*:*", - "matchCriteriaId": "9AE444E6-2632-4137-9499-961B3716984E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.0.3.55:*:*:*:*:*:*:*", - "matchCriteriaId": "0E8376ED-8273-4296-A90F-AA16156B8104" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.1.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "2ED476F0-B4FE-4A27-AD18-7B306B4A880F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.1.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "5A99AF72-A118-4FBF-9376-FCBF29572FB8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.1.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "2D419F7C-5D21-4A35-B038-F6673F5708E2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "1852B10D-58CA-4656-9325-73FE8ACE6998" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "B8126A48-3496-46B1-818B-6A6ED839218F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.0.10:*:*:*:*:*:*:*", - "matchCriteriaId": "F617A360-7FDF-47EB-AAA2-10FD749808B1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.0.14:*:*:*:*:*:*:*", - "matchCriteriaId": "B8687A68-8F82-471F-BD8D-E9A1C9467B1C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.0.15:*:*:*:*:*:*:*", - "matchCriteriaId": "D7DD5F37-1377-4497-848A-0F72B4902821" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "A7F85E65-6B98-4DA0-98A8-65E353588CBA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "ED2E8B08-9AB4-4C06-9308-FF157D2C2EAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "E5C28AA2-635F-4D0A-8D01-25B34F715C6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "566E726A-D668-4532-B842-8C435C5AAA18" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "CBECE2AC-CE19-494A-82B7-967237AAB92A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "A08450D0-3260-45F7-B7BE-59BDA64E816F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.2.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "1CA4AB9C-B969-4076-8C60-AC1F15057D0D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "117AD898-3217-464A-AFAC-2AD4E5F0CBB7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.0.7:*:*:*:*:*:*:*", - "matchCriteriaId": "925A92DC-9996-4CE2-BC80-3B57D2120374" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "9A7D95BD-5C61-4D71-A155-83D5F0005027" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "00E2372F-A07E-418F-A698-52C98BCB04E0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "BC73150C-F62A-4E81-8587-68F3969A37A0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "614FA0AD-3591-44C4-B2DD-8242C1D42F88" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "DC412EDF-53BB-4B7B-9DB7-04EE6332C459" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130_firmware:1.3.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "4AA081A3-C57E-4480-A3F9-E82383C60575" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:cisco:rv130:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D5D233CF-2504-4E69-9AD0-D3B631C8FC11" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "0C7B4C3B-ACB9-4B6B-A04B-943C4A5CEDF6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.0.21:*:*:*:*:*:*:*", - "matchCriteriaId": "ECCF42F5-8626-4D23-85B9-95644C7E98BB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.0.30:*:*:*:*:*:*:*", - "matchCriteriaId": "640373F0-F395-4007-B26C-A43AF3F9E551" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "0E185A2E-7958-4A0D-AD54-DE5A2DC1FA3E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "41EC53E2-7AC9-4998-9917-4C510E2BCBA5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "B33F37F5-3A46-406F-9743-E5148EC27169" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.1.99:*:*:*:*:*:*:*", - "matchCriteriaId": "A5D6E63E-F5F7-4A2F-90D7-0DAEA147BD93" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "36A6781B-AC64-431F-959A-674F4C50F5C0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.2.99:*:*:*:*:*:*:*", - "matchCriteriaId": "2CE45FAD-4923-4F29-A0F2-F5D4F760A069" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "198D6B01-8AFB-4192-AA23-90AB81C0E641" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "8A90BA88-76B8-48B9-B3A3-7DBE4A329C94" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.22:*:*:*:*:*:*:*", - "matchCriteriaId": "CC96B47A-7AE0-48B3-9DCF-9E63D6067BB6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.28:*:*:*:*:*:*:*", - "matchCriteriaId": "22E1468B-BF8C-4356-880A-8EBA4AA39CFF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.44:*:*:*:*:*:*:*", - "matchCriteriaId": "D5F6B3EC-7B4B-48B7-A621-85810FA066AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.45:*:*:*:*:*:*:*", - "matchCriteriaId": "E2825F4F-5AC7-457F-AE08-FCC25BD650CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.51:*:*:*:*:*:*:*", - "matchCriteriaId": "1EBE6464-64A6-41E2-B661-30A8063C07C8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.52:*:*:*:*:*:*:*", - "matchCriteriaId": "F636420E-F91B-45D6-ABB4-B701AC7D7063" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.54:*:*:*:*:*:*:*", - "matchCriteriaId": "EBD7186A-EEE8-4BC8-ABA8-593F02C6283B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.0.3.55:*:*:*:*:*:*:*", - "matchCriteriaId": "FF66A7CE-469A-48CD-AE85-2F49E1C505FA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.1.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "08794FE4-9CB0-4C96-B26F-A09F26092064" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.1.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "3DC7EDDE-B22D-405C-881D-4C0784DBEF9E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.1.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "B22E38D9-DBAE-41BD-9D40-3DE0F1D0CB1D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "4EF45BF5-2310-41DA-925A-6EB41E0E268B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "57043FE9-4969-4A0B-A742-4FB56D745639" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.0.10:*:*:*:*:*:*:*", - "matchCriteriaId": "0F68A5E6-1ED8-46BD-B73B-37A297219A01" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.0.14:*:*:*:*:*:*:*", - "matchCriteriaId": "8786FBE0-51C6-4CBD-B3F2-89F287EAA093" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.0.15:*:*:*:*:*:*:*", - "matchCriteriaId": "EDA03A86-5438-42BE-B50F-049A0BBEA843" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "80DB1F39-597E-4A68-A6EE-07B5247237FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "DDEFAEC1-55C0-4FAF-B986-FCFC81C24D81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "A4DC6A77-4D7B-4373-9447-141707086EE9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "49AD3869-9553-4FC8-9BBA-FF814E34B3C5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "703A0590-D4A6-47E9-9CAA-C4A4A553560F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "8DCD0AD1-1FFD-4A08-A113-3801ABD56534" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.2.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "AB9EA4F1-ED61-4ED1-8678-1F6BD75007E8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "2C940D23-7EA4-43E4-A01A-6CC4EF203753" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.0.7:*:*:*:*:*:*:*", - "matchCriteriaId": "240A6B22-09B9-4656-BD4F-4C2E329A3C3D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "44C3199D-7D0F-4210-BC2B-BDDB9C3FD196" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "D814F9AC-3E09-4509-A5E5-24560E9A0F10" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "D4B38F3C-0935-486B-AE88-6E946728943D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "CAD1FFB6-8707-445A-81EF-389A56896FD0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "BD56B903-96E0-4BAD-B7D4-4856E8D67AC9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv130w_firmware:1.3.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "F04F9D87-B28C-45AE-9AD3-477A1DE65CE6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C3C9AFAA-1387-4067-AF7E-2E4AAD2A272A" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "E5CC2CC2-006F-4E4F-9A4C-792CC551FD4C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.0.21:*:*:*:*:*:*:*", - "matchCriteriaId": "04A87F88-BCD3-4042-B220-9739AE00AAEF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.0.30:*:*:*:*:*:*:*", - "matchCriteriaId": "B89C7B5A-49D0-48D1-829B-BCA69FE8AF6C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "A1024CBE-BF8D-487F-B759-3A14F9598D22" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "003D0694-E2C4-4372-A4B3-70EBA908CA52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "7D286CFE-A3C9-4D2B-B2BE-0F1653237692" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.1.99:*:*:*:*:*:*:*", - "matchCriteriaId": "B71CFC58-AD8B-4E98-9E30-5A98BF7F0435" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "F57591A8-E41A-4343-B90B-899E9A098DE3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.2.99:*:*:*:*:*:*:*", - "matchCriteriaId": "4C5DD9A2-E716-4923-A473-7964E613566A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "F2CA109E-3ED1-4891-8111-1514F5594FC3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "21DDB9A7-C0A9-45D5-9054-28B8FAEE5E09" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.22:*:*:*:*:*:*:*", - "matchCriteriaId": "9185CA86-F321-42DE-A599-ABB1838A88A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.28:*:*:*:*:*:*:*", - "matchCriteriaId": "C23840E2-344E-48AC-AD2A-8CC869242ED8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.44:*:*:*:*:*:*:*", - "matchCriteriaId": "D4749115-5558-4741-BF55-8B0CE1D46616" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.45:*:*:*:*:*:*:*", - "matchCriteriaId": "EC9A1F5D-7B18-4EE7-9C32-6DE7C1443E21" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.51:*:*:*:*:*:*:*", - "matchCriteriaId": "9F935A71-F131-421F-9005-9D7521F8A56C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.52:*:*:*:*:*:*:*", - "matchCriteriaId": "1609CB6E-9973-45BD-B8AB-EAE87700FE09" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.54:*:*:*:*:*:*:*", - "matchCriteriaId": "F2FF87AC-944C-4B06-825D-E10985418F5F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.55:*:*:*:*:*:*:*", - "matchCriteriaId": "0909B440-99B7-43BE-BD8F-65EB3CF941ED" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.1.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "B109BB09-DF8C-4087-8C16-BF17D12A2863" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.1.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "FA7BD747-2A0C-4ADE-9CD8-391676F9C070" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.1.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "9F9AAFA0-B13C-4E07-AC34-D669AB71B3FC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "94521BCD-6874-4C51-8038-B84C0D0BF2DA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "AD17D068-AE75-4788-9CB2-73E03F85CD66" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.0.10:*:*:*:*:*:*:*", - "matchCriteriaId": "79C06CBE-8482-40F1-899C-78D7C05094D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.0.14:*:*:*:*:*:*:*", - "matchCriteriaId": "4F96C05D-C899-4D1B-B45A-A30F2DE3A731" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.0.15:*:*:*:*:*:*:*", - "matchCriteriaId": "E8A6EAAE-3AA3-4A52-97F0-71EC67677681" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "59C70BA1-A1EF-4AD2-8B88-003A2B1C27B2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "7E416D4D-6BF3-4596-972F-F0D258FC9E1C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "34BEC7B6-9300-4B6D-A9A3-797CCBB7B3FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "EA4DD911-3153-4693-9E68-4700ACE307E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "1F4683B1-9749-4C83-B14C-C67666ACB8A2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "686ADCCF-EEAE-4BF4-A202-87C1F6D06417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.2.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "127CDFCA-5654-43EE-AF91-B56D668A0907" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "BFE123D6-4E3F-4B30-9219-64487ADFBBA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.0.7:*:*:*:*:*:*:*", - "matchCriteriaId": "962B7F13-6D32-476B-8940-86D9CDE6979D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "BDBBA31F-317B-4DA8-B72B-5E92497B6E7B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.0.99:*:*:*:*:*:*:*", - "matchCriteriaId": "C48AE727-C755-464D-9E95-978C73D11483" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "8FA02F2D-CDDE-4730-B771-C201A6370775" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "BC5C0B09-4492-481D-9548-2DBE1F5D746E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "9875284D-70CB-42C0-85C0-DE4191FC8F13" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:rv215w_firmware:1.3.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "65ECB6E7-5740-4EE8-9F3F-D4579D3ED608" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*", - "matchCriteriaId": "8686AB22-F757-468A-930B-DDE45B508969" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-sb-rv-stack-SHYv2f5N", - "source": "ykramarz@cisco.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4498", - "sourceIdentifier": "cret@cert.org", - "published": "2023-09-06T17:15:50.687", - "lastModified": "2023-11-07T04:22:40.163", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only" - }, - { - "lang": "es", - "value": "Tenda N300 Wireless N VDSL2 Modem Router permite el acceso no autenticado a páginas que a su vez deberían ser accesibles solo para usuarios autenticados" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tenda:n300_firmware:53.0.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "DB091842-330A-4314-9D61-391AC527B2BC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tenda:n300:-:*:*:*:*:*:*:*", - "matchCriteriaId": "64464B02-CC9C-4086-8EBE-CAFC797239C8" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/kb.cert.org\/vuls\/id\/304455", - "source": "cret@cert.org", - "tags": [ - "Third Party Advisory", - "US Government Resource" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-0925", - "sourceIdentifier": "cret@cert.org", - "published": "2023-09-06T18:15:07.897", - "lastModified": "2023-11-07T04:01:56.647", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port).\r\n\r\nPort 2099 serves as a Java Remote Method Invocation (RMI) registry which allows for remotely loading and processing data via RMI interfaces. An unauthenticated attacker with network connectivity to the RMI registry and RMI interface ports can abuse this functionality to instruct the webMethods OneData application to load a malicious serialized Java object as a parameter to one of the available Java methods presented by the RMI interface. Once deserialized on the vulnerable server, the malicious code runs as whichever operating system account is used to run the software, which in most cases is the local System account on Windows." - }, - { - "lang": "es", - "value": "La versión 10.11 de webMethods OneData ejecuta una instancia integrada de Azul Zulu Java 11.0.15 que aloja un registro de Java RMI (que escucha en el puerto TCP 2099 de forma predeterminada) y dos interfaces RMI (que escucha en un único puerto alto TCP asignado dinámicamente). El puerto 2099 sirve como Java Remote Method Invocation (RMI) registro que permite cargar y procesar datos de forma remota a través de interfaces RMI. Un atacante no autenticado con conectividad de red al registro RMI y a los puertos de la interfaz RMI puede abusar de esta funcionalidad para indicar a la aplicación webMethods OneData que cargue un objeto Java serializado malicioso como parámetro de uno de los métodos Java disponibles presentados por la interfaz RMI. Una vez deserializado en el servidor vulnerable, el código malicioso se ejecuta como cualquier cuenta del sistema operativo que se utilice para ejecutar el software, que en la mayoría de los casos es la cuenta de System local en Windows." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:*", - "matchCriteriaId": "314E3CEE-D523-423D-8FD9-A24F2BE77EF5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.softwareag.com\/en_corporate\/platform\/integration-apis\/webmethods-integration.html", - "source": "cret@cert.org", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20238", - "sourceIdentifier": "ykramarz@cisco.com", - "published": "2023-09-06T18:15:08.043", - "lastModified": "2024-01-25T17:15:40.067", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system.\r\n\r This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. A successful exploit could allow the attacker to commit toll fraud or to execute commands at the privilege level of the forged account. If that account is an Administrator account, the attacker would have the ability to view confidential information, modify customer settings, or modify settings for other users. To exploit this vulnerability, the attacker would need a valid user ID that is associated with an affected Cisco BroadWorks system." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en la implementación del inicio de sesión único (SSO) de Cisco BroadWorks Application Delivery Platform y Cisco BroadWorks Xtended Services Platform podría permitir que un atacante remoto no autenticado falsifique las credenciales necesarias para acceder a un sistema afectado. Esta vulnerabilidad se debe al método utilizado para validar los tokens de SSO. Un atacante podría aprovechar esta vulnerabilidad autenticándose en la aplicación con credenciales falsificadas. Un exploit exitoso podría permitir al atacante cometer fraude telefónico o ejecutar comandos en el nivel de privilegio de la cuenta falsificada. Si esa cuenta es una cuenta de administrador, el atacante tendría la capacidad de ver información confidencial, modificar la configuración del cliente o modificar la configuración de otros usuarios. Para aprovechar esta vulnerabilidad, el atacante necesitaría una identificación de usuario válida asociada con un sistema Cisco BroadWorks afectado." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 10.0, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:broadworks_application_delivery_platform:ri.2023.06:*:*:*:*:*:*:*", - "matchCriteriaId": "95D3C201-88EC-44F7-8ED2-6CFD726FAC73" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:broadworks_application_delivery_platform:ri.2023.07:*:*:*:*:*:*:*", - "matchCriteriaId": "94C37251-4CAB-499E-AFD0-4AAD78288A51" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:broadworks_xtended_services_platform:*:*:*:*:-:*:*:*", - "versionEndExcluding": "23.0.1075.ap384245", - "matchCriteriaId": "3DA39D01-BCC5-4B5E-A146-5CAEA4F9ED70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:broadworks_xtended_services_platform:2023.06:*:*:*:release_independent:*:*:*", - "matchCriteriaId": "FAA6AF4C-2CBF-4F59-B5DE-809CFE82DD6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:broadworks_xtended_services_platform:2023.07:*:*:*:release_independent:*:*:*", - "matchCriteriaId": "07A9E1FF-7458-4035-AF12-056585F7DC6D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-bw-auth-bypass-kCggMWhX", - "source": "ykramarz@cisco.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20243", - "sourceIdentifier": "ykramarz@cisco.com", - "published": "2023-09-06T18:15:08.133", - "lastModified": "2024-01-25T17:15:40.503", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets.\r\n\r This vulnerability is due to improper handling of certain RADIUS accounting requests. An attacker could exploit this vulnerability by sending a crafted authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). This would eventually result in the NAD sending a RADIUS accounting request packet to Cisco ISE. An attacker could also exploit this vulnerability by sending a crafted RADIUS accounting request packet to Cisco ISE directly if the RADIUS shared secret is known. A successful exploit could allow the attacker to cause the RADIUS process to unexpectedly restart, resulting in authentication or authorization timeouts and denying legitimate users access to the network or service. Clients already authenticated to the network would not be affected.\r\n\r Note: To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) may be required. For more information, see the Details [\"#details\"] section of this advisory." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en el procesamiento de mensajes en RADIUS de Cisco Identity Services Engine (ISE) podría permitir a un atacante remoto no autenticado causar que el sistema afectado deje de procesar paquetes. Esta vulnerabilidad es debido al manejo inapropiado de determinadas peticiones. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición de autenticación a un dispositivo de acceso a la red (NAD)que use Cisco ISE para la autenticación. autorización y contabilidad (AAA). Esto eventualmente daría como resultado que el NAD envíe un paquete de solicitud de contabilidad RADIUS a Cisco ISE. Un atacante también podría aprovechar esta vulnerabilidad enviando un paquete de solicitud de contabilidad RADIUS manipulado a Cisco ISE si el secreto compartido de Radius es conocido. Un exploit exitoso podría permitir que el atacante haga que el proceso RADIUS se reinicie inesperadamente, lo que provocaría tiempos de espera de autenticación o autorización y negaría a los usuarios legítimos el acceso a la red o al servicio. Los clientes ya autenticados en la red no se verían afectados. Nota: Para recuperar la capacidad de procesar paquetes RADIUS, es posible que sea necesario reiniciar manualmente el nodo de servicio de políticas (PSN) afectado. Para obtener más información, consulte la sección Detalles [\"#details\"] de este aviso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 8.6, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 4.0 - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 8.6, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 4.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-755" - } - ] - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-399" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*", - "matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*", - "matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch2:*:*:*:*:*:*", - "matchCriteriaId": "A1E81F86-7ED6-4D6C-8DAF-09EB2A7BC496" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*", - "matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*", - "matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*", - "matchCriteriaId": "095F27EC-5713-4D4F-AD06-57D3DF068B90" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*", - "matchCriteriaId": "FEA5210C-E674-4C4B-9EB3-C681C70005B6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*", - "matchCriteriaId": "36722B6C-64A5-4D00-94E1-442878C37A35" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*", - "matchCriteriaId": "7EEEA06A-AD58-48D3-8975-B21A961985B3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch2:*:*:*:*:*:*", - "matchCriteriaId": "ED937BCD-60F7-4555-99D8-B6229214FA73" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ise-radius-dos-W7cNn7gt", - "source": "ykramarz@cisco.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20263", - "sourceIdentifier": "ykramarz@cisco.com", - "published": "2023-09-06T18:15:08.217", - "lastModified": "2024-01-25T17:15:42.087", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\n\r This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en la interfaz de gestión basada en web de la plataforma de datos Cisco HyperFlex HX podría permitir a un atacante remoto no autenticado redirigir a un usuario a una página web maliciosa. Esta vulnerabilidad se debe a una validación de entrada incorrecta de los parámetros en una solicitud HTTP. Un atacante podría explotar esta vulnerabilidad persuadiendo a un usuario para que haga clic en un enlace manipulado. Una explotación exitosa podría permitir al atacante redirigir a un usuario a una página web maliciosa. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-601" - } - ] - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-601" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:hyperflex_hx_data_platform:5.0:*:*:*:*:*:*:*", - "matchCriteriaId": "DEA8F78B-3DA0-4A37-B838-D7F3A449DC95" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:hyperflex_hx_data_platform:5.5:*:*:*:*:*:*:*", - "matchCriteriaId": "A4A5F4CC-2DE9-4A1A-A4B1-6B64F08FDBF5" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-hyperflex-redirect-UxLgqdUF", - "source": "ykramarz@cisco.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20269", - "sourceIdentifier": "ykramarz@cisco.com", - "published": "2023-09-06T18:15:08.303", - "lastModified": "2024-04-03T16:12:23.737", - "vulnStatus": "Analyzed", - "cveTags": [], - "cisaExploitAdd": "2023-09-13", - "cisaActionDue": "2023-10-04", - "cisaRequiredAction": "Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.", - "cisaVulnerabilityName": "Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability", - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.\r\n\r This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile\/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following:\r\n\r \r Identify valid credentials that could then be used to establish an unauthorized remote access VPN session.\r Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier).\r \r Notes:\r\n\r \r Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles\/tunnel groups do not and cannot have an IP address pool configured.\r This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured.\r \r Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en la función VPN de acceso remoto del software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado lleve a cabo un ataque de fuerza bruta en un intento de identificar combinaciones válidas de nombre de usuario y contraseña o un atacante remoto autenticado para establecer una sesión VPN SSL sin cliente con un usuario no autorizado. Esta vulnerabilidad se debe a una separación inadecuada de autenticación, autorización y contabilidad (AAA) entre la función VPN de acceso remoto y las funciones de administración HTTPS y VPN de sitio a sitio. Un atacante podría aprovechar esta vulnerabilidad especificando un perfil de conexión predeterminada profile\/tunnel group mientras realiza un ataque de fuerza bruta o establece una sesión VPN SSL sin cliente utilizando credenciales válidas. Un exploit exitoso podría permitir al atacante lograr uno o ambos de los siguientes: Identificar credenciales válidas que luego podrían usarse para establecer una sesión VPN de acceso remoto no autorizada. Establezca una sesión VPN SSL sin cliente (solo cuando ejecute la versión 9.16 o anterior del software Cisco ASA). Notas: No es posible establecer un túnel VPN de acceso remoto basado en cliente ya que estos perfiles de conexión predeterminados profile\/tunnel group no tienen ni pueden tener un grupo de direcciones IP configurado. Esta vulnerabilidad no permite que un atacante eluda la autenticación. Para establecer con éxito una sesión VPN de acceso remoto, se requieren credenciales válidas, incluido un segundo factor válido si está configurada la autenticación multifactor (MFA). Cisco lanzará actualizaciones de software que aborden esta vulnerabilidad. Existen workarounds que abordan esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.2 - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.1, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-288" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "C01E8C87-8982-491F-B0ED-5AD17BDBBC1D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "E881DFE5-9180-49BA-8D66-2BD96FC23BE6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.2:*:*:*:*:*:*:*", - "matchCriteriaId": "81FC6BE6-1DF5-41FE-B66D-05A8D3DCDDD1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "E6033411-4722-4CDD-BF8A-152C13FA3926" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.4:*:*:*:*:*:*:*", - "matchCriteriaId": "37495D3A-FB87-40F6-B6E6-7870393F8D68" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.5:*:*:*:*:*:*:*", - "matchCriteriaId": "E59E5B90-18F4-48D6-A38A-D4BDFE8C3091" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.6:*:*:*:*:*:*:*", - "matchCriteriaId": "6458E8C7-84F0-49DF-99DC-99810AA71AF2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.7:*:*:*:*:*:*:*", - "matchCriteriaId": "7E59FF48-5291-4CC2-9A2E-38819B7322AB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.8:*:*:*:*:*:*:*", - "matchCriteriaId": "E40F113E-208E-4015-815C-492EFC7F7C99" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.9:*:*:*:*:*:*:*", - "matchCriteriaId": "905B866F-B3E8-4240-9942-8DBEAB2F3C08" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.10:*:*:*:*:*:*:*", - "matchCriteriaId": "B3DE2A18-0E0F-4926-BC8A-B44558EA8DBF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.11:*:*:*:*:*:*:*", - "matchCriteriaId": "13E5F3D0-02BB-45E6-81B8-B7CC09346FFD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.12:*:*:*:*:*:*:*", - "matchCriteriaId": "DA3A6F7D-CF96-492E-9C03-827382B0D0A8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.13:*:*:*:*:*:*:*", - "matchCriteriaId": "153216C5-8239-4F62-8751-49AFD5A1B600" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "DB28D358-3C2E-4D55-B429-EF805689691D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.15:*:*:*:*:*:*:*", - "matchCriteriaId": "52E3338A-93BC-4263-B3D7-13F1EC35004C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "4B849B7C-A3DE-4230-B765-3335864EE02A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.17:*:*:*:*:*:*:*", - "matchCriteriaId": "9B84A0B2-8631-4CE7-9636-9E4956073DA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.2.3.18:*:*:*:*:*:*:*", - "matchCriteriaId": "4BCE1C81-A824-43A9-B0F2-C5F8C4B98B60" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "348B0FAC-A97D-4A9C-8D98-C0C347532112" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "E4213D8C-4A4A-4C95-8500-3B056EF537C8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "E713AF7B-6C50-4205-8320-CE833D5C7409" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "5AEDA6C9-B87B-446E-AE63-6A0BAD3A20B9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "B1B2EE3B-D640-476E-BFBD-A5147EC4134A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "8117D925-7E20-45BB-8A75-740700FD216F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "1529CCAE-3A67-41C7-8A14-5E85D8D43C13" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.7:*:*:*:*:*:*:*", - "matchCriteriaId": "5E8BF178-C267-4571-9581-224F7488BDA8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "843C4F5F-C0B3-40C9-BC03-9F5B21D18637" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "5E7FBCD9-10D2-470B-9B29-4DD1E3240DE7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.10:*:*:*:*:*:*:*", - "matchCriteriaId": "A872D2D1-3391-4A4A-8409-5760ACA8C252" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.11:*:*:*:*:*:*:*", - "matchCriteriaId": "8738A0E2-489E-42C3-B675-243BAF46E7F8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.12:*:*:*:*:*:*:*", - "matchCriteriaId": "9123ACEF-35AB-4EC2-A2C4-B6A6C570951B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.13:*:*:*:*:*:*:*", - "matchCriteriaId": "A11043D9-DFA6-43E0-A58C-1D7FA52A8D6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.14:*:*:*:*:*:*:*", - "matchCriteriaId": "BC0CCF6C-E140-4C76-B2EC-7BDA9F9291D1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.15:*:*:*:*:*:*:*", - "matchCriteriaId": "C13B826E-FB8D-49E5-B866-2606AD904513" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.4.0.16:*:*:*:*:*:*:*", - "matchCriteriaId": "D6AB1039-6A7C-42A5-A931-3C3C2D6DDB95" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.0:*:*:*:*:*:*:*", - "matchCriteriaId": "9BE4B4C7-9686-4BC4-925C-23D700416875" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "761ADC40-51DF-455D-8E43-BED6F98A68B8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.1:*:*:*:*:*:*:*", - "matchCriteriaId": "8540F8BE-B396-47CB-AB8C-A32AF1942C70" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.3:*:*:*:*:*:*:*", - "matchCriteriaId": "CE7CF2BE-D6F0-4C95-9FC8-9F2611D7E2BE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.4:*:*:*:*:*:*:*", - "matchCriteriaId": "D027DA95-EC2D-4CDA-9458-E5315E8EF92A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.5:*:*:*:*:*:*:*", - "matchCriteriaId": "20FB8F1C-2757-4C48-BA17-9D0BEF671ACF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.5.1:*:*:*:*:*:*:*", - "matchCriteriaId": "89D368A3-6202-4C14-9DD6-6FE73B5F06F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.5.2:*:*:*:*:*:*:*", - "matchCriteriaId": "28AE56F0-52C7-4BF3-BBA2-FC6946C2617B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.7:*:*:*:*:*:*:*", - "matchCriteriaId": "33E5B23F-8986-49D2-BE0C-E3576C703EDB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.6.7.1:*:*:*:*:*:*:*", - "matchCriteriaId": "B41A653B-E947-4C3B-82AA-42F5F282FA29" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.7.0:*:*:*:*:*:*:*", - "matchCriteriaId": "CEFB54B2-5026-482B-B226-FC07841C6FC5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.7.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1BBBF462-9E15-4526-A437-B78CA24832C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.7.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "8D00BA69-08A6-4796-BDE6-E5E2D7C66E23" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:6.7.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "BF2B032F-6C40-4D12-8D7F-C41A6F75941F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "D05CDFBE-0206-490E-B916-EEFE787CE975" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "6B8A26CA-12C8-44B5-902E-D450127A0197" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "7632C245-04C6-4E78-87B7-55CCCA6FD6C8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "45E1B068-FF70-4A61-9932-02626A2207CB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "E84099EB-2535-4A9F-8355-FF937CFBD122" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "92F386BB-96E5-47FF-92FE-BB19B83FF054" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "9CBC03FE-3A54-450E-A8CE-844C4A6E54B7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "C599F894-DAD2-4231-8BB8-1427E7C02D60" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "C1F60C12-71C9-47C6-B43F-A0374419D736" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "1C853CD9-F451-406E-A515-3BDC34E55639" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "078352DC-CEB3-47BC-B1F7-05AA3DBD5D8B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "096B8FFA-6C54-44A9-97C9-0479C802E25C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "028024EF-84D1-4250-B697-D33E8E79DE9F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "CE2EC687-1EEF-4F47-B509-2E9D7D7DB21A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "1197F620-536D-4891-97B0-B17D7F76B621" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "68C616AE-4B20-47A1-854E-89899BBF79B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "E853B8BF-07F5-46DF-8DEA-302F68B8B086" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*", - "matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "364CA0EA-F85E-4C4B-96D8-A7256F413844" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "67AB954E-D1F4-4B29-B782-2E9917D82DE0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4.1:*:*:*:*:*:*:*", - "matchCriteriaId": "5BE03156-2E96-4D0E-909F-E424515C12D7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "7DA3389C-86FE-45F7-97D7-E3386403944F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2FE43737-1463-4C93-9549-1D5BF3BB308B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F5DD95E7-841A-475C-A302-6E7D48E887C3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.3.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "4C12C224-AB9E-42A7-8A26-94D6B4378CEA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*", - "matchCriteriaId": "D482F818-0A8E-49D7-8E3E-0958019FA629" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "8E7BFB57-BC02-4930-A02F-83583E6A0FC2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "026F1960-C879-4611-A60A-96311B63CCA5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*", - "matchCriteriaId": "EAF8B33E-0C95-467D-A865-0A234E69D0CA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "EFF144F5-D933-4DE4-818C-001BD9E3958A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*", - "matchCriteriaId": "00112ED3-FE7B-425B-9A28-1E5F2BC8BB01" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*", - "matchCriteriaId": "DDD491D5-FAAB-493F-91A6-D2F3B5F5970E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*", - "matchCriteriaId": "1519F49D-588F-4B70-B38F-EF4F3E13FEAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*", - "matchCriteriaId": "15354443-5EB7-4712-B2DE-61DB33830759" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*", - "matchCriteriaId": "248D6B44-E134-4DEC-A947-636824E3FDFA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.26:*:*:*:*:*:*:*", - "matchCriteriaId": "0820A79C-F3EF-407F-9AC7-DCAB4CD39C89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.28:*:*:*:*:*:*:*", - "matchCriteriaId": "9D3E8805-85D2-4345-8076-039513209A31" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.33:*:*:*:*:*:*:*", - "matchCriteriaId": "14BB907B-D75A-4F5E-B20D-5457A71A70EE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.35:*:*:*:*:*:*:*", - "matchCriteriaId": "F118B803-4C55-436A-A136-0C1FEA49858F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.38:*:*:*:*:*:*:*", - "matchCriteriaId": "6A272121-408E-45F6-A2A1-0BA6EBC060A5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3:*:*:*:*:*:*:*", - "matchCriteriaId": "980CEA3B-5A81-4E8C-BEA3-DD31BE7DA2CD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.8:*:*:*:*:*:*:*", - "matchCriteriaId": "A3910211-D4DB-4CA7-BBEA-DD8246FF10ED" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.11:*:*:*:*:*:*:*", - "matchCriteriaId": "C260BF30-7A33-4C70-9509-404856C93666" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "AF894850-39EC-4B57-BBFF-F1AB4F8389A7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "E1FAFCF9-0ABE-483E-9604-329762BB7870" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.18:*:*:*:*:*:*:*", - "matchCriteriaId": "83DB4278-3126-4765-97C4-6C0A8C78DA78" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.21:*:*:*:*:*:*:*", - "matchCriteriaId": "174E631B-6099-47DE-8790-BBF4B7FDB8CC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.26:*:*:*:*:*:*:*", - "matchCriteriaId": "9FE3538B-F612-4105-BFDE-A4B594482DCF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.3.29:*:*:*:*:*:*:*", - "matchCriteriaId": "3143B0FF-C855-485E-A908-E48974B1643C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4:*:*:*:*:*:*:*", - "matchCriteriaId": "26DD9992-6D98-4E03-9599-ECF38A186FBB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.3:*:*:*:*:*:*:*", - "matchCriteriaId": "24DCEAE6-355B-40AE-A7C8-AF744FCA8A86" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.7:*:*:*:*:*:*:*", - "matchCriteriaId": "2097E81E-B422-4B93-AF09-F300A0E8AF71" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.8:*:*:*:*:*:*:*", - "matchCriteriaId": "454DEA31-A607-4054-82D3-24A4FEB7358F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.10:*:*:*:*:*:*:*", - "matchCriteriaId": "57F0B213-8187-4465-84F1-FB8D92B36020" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.12:*:*:*:*:*:*:*", - "matchCriteriaId": "E540771E-BA0B-42D1-8251-B576B0F142C4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.15:*:*:*:*:*:*:*", - "matchCriteriaId": "BEC2A833-BECF-4000-A592-6113A84C2D20" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.17:*:*:*:*:*:*:*", - "matchCriteriaId": "077F1416-924A-4D25-9CEE-3BD66A96A019" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.20:*:*:*:*:*:*:*", - "matchCriteriaId": "5BDC8D92-D6E0-40EE-B190-D2B32C7DEB75" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.22:*:*:*:*:*:*:*", - "matchCriteriaId": "23CD5619-E534-4F40-998D-39DC19FA0451" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.25:*:*:*:*:*:*:*", - "matchCriteriaId": "C5D0EB11-14B1-44B3-8D46-B9DD872F772C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.26:*:*:*:*:*:*:*", - "matchCriteriaId": "4FA399CF-12DB-42E0-A66F-14508B52A453" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.29:*:*:*:*:*:*:*", - "matchCriteriaId": "7B5A7608-E737-420E-9B5E-836600DAC701" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.32:*:*:*:*:*:*:*", - "matchCriteriaId": "C7EB6801-336D-4F41-ADE7-1C58C63C3F6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.33:*:*:*:*:*:*:*", - "matchCriteriaId": "8413DA41-02A5-4269-8C88-9DD5076AF91B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.34:*:*:*:*:*:*:*", - "matchCriteriaId": "AA00285F-6914-4749-8A47-FC4EDAFFF3C9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.35:*:*:*:*:*:*:*", - "matchCriteriaId": "4AA4D367-32B9-4F54-8352-A959F61A1FDC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.39:*:*:*:*:*:*:*", - "matchCriteriaId": "2259FF9E-0C8B-440F-B1AC-51BDE3F60E68" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.40:*:*:*:*:*:*:*", - "matchCriteriaId": "3C522B55-904D-4C08-B73E-1457D877C0AB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.41:*:*:*:*:*:*:*", - "matchCriteriaId": "4483056A-FBF3-4E00-81EB-1E97334EF240" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.43:*:*:*:*:*:*:*", - "matchCriteriaId": "48677330-06AB-4C7F-B2AD-F7E465A9632A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.44:*:*:*:*:*:*:*", - "matchCriteriaId": "7AEA80D2-5DB8-4334-9A88-7DDE395832C8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.45:*:*:*:*:*:*:*", - "matchCriteriaId": "FB1C38A5-1028-4AD3-8CC7-A00091091E76" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.46:*:*:*:*:*:*:*", - "matchCriteriaId": "848147B2-C49A-43F6-9069-FC8885BDFDA3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.4.48:*:*:*:*:*:*:*", - "matchCriteriaId": "D6FEF0DA-741E-4361-8143-068EB47D6520" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.10.1:*:*:*:*:*:*:*", - "matchCriteriaId": "69289C72-01B5-4280-A382-665C1224C850" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F002FD55-F881-450E-BC1B-8073E188F47E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "AA940C4F-13BB-465F-BB8D-CBD0109BF012" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "8B0434F5-9A50-4B57-9C5B-E09415D098C8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2:*:*:*:*:*:*:*", - "matchCriteriaId": "AE727035-06CB-4E37-A9D2-96BD54502120" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "9FE52B81-2CF8-48E5-A7BA-A163A25A669B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "D8E8D7C9-5272-40E6-869B-B33959F9F0CA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "FE8D5D71-5C85-4644-8A84-F073549ADB50" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.2.9:*:*:*:*:*:*:*", - "matchCriteriaId": "0790DDC2-7BA0-42DC-A157-754C0CBBE178" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3:*:*:*:*:*:*:*", - "matchCriteriaId": "882394EA-70C8-4D86-9AEF-5D273D8E518C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.2:*:*:*:*:*:*:*", - "matchCriteriaId": "855AD3CC-F404-48C5-80D2-7F2765D16D72" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.7:*:*:*:*:*:*:*", - "matchCriteriaId": "26B6BF72-9124-4213-B3C0-BD31B46E8C91" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.9:*:*:*:*:*:*:*", - "matchCriteriaId": "DE8FBE89-8FDA-4B9B-BA1A-90FFD482A585" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.3.12:*:*:*:*:*:*:*", - "matchCriteriaId": "149C3872-8DA9-48DD-ADD0-2E84C1A76A40" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4:*:*:*:*:*:*:*", - "matchCriteriaId": "D2D33E8C-294A-4C43-8DB6-9DA9F61F0B3B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.2:*:*:*:*:*:*:*", - "matchCriteriaId": "7E23ACB0-DF8B-4672-A819-4DCD3104CE4A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.4:*:*:*:*:*:*:*", - "matchCriteriaId": "E4723B88-62BA-40E6-AA89-BAC02D6A036F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.7:*:*:*:*:*:*:*", - "matchCriteriaId": "7C698819-3C8E-4A16-8F52-42FF1E54C076" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.8:*:*:*:*:*:*:*", - "matchCriteriaId": "8D3CE74E-59E7-448A-8417-18F97C05C798" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.10:*:*:*:*:*:*:*", - "matchCriteriaId": "0986C171-0E75-4F6F-A9BD-276830104E5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.13:*:*:*:*:*:*:*", - "matchCriteriaId": "66A2777A-7831-4324-AEB2-5D93B5F6C04B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.18:*:*:*:*:*:*:*", - "matchCriteriaId": "37045680-9189-4B7F-A4F7-4E682FE20A09" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.24:*:*:*:*:*:*:*", - "matchCriteriaId": "B6C9F37B-CF3C-4861-A969-C7CF4946274A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.26:*:*:*:*:*:*:*", - "matchCriteriaId": "6A1DAF21-3FED-4691-9D4C-8FD8CEA7FB3A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.29:*:*:*:*:*:*:*", - "matchCriteriaId": "FB938E58-4963-4A31-8836-88E958592B30" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.30:*:*:*:*:*:*:*", - "matchCriteriaId": "1E317897-EE97-44F3-96BB-E54228D72A7A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.35:*:*:*:*:*:*:*", - "matchCriteriaId": "1EF7FAB2-158D-4C48-9246-E7AD3BF1D801" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.37:*:*:*:*:*:*:*", - "matchCriteriaId": "056D43AE-ECDB-40D2-A196-18DDCD02629E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.38:*:*:*:*:*:*:*", - "matchCriteriaId": "D3E555F3-3580-4D71-8D8D-92FE72763D62" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.39:*:*:*:*:*:*:*", - "matchCriteriaId": "93013503-8B9A-4160-AF7E-277958FA6E9D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.40:*:*:*:*:*:*:*", - "matchCriteriaId": "A3B009FD-0F2B-4511-8EDF-C3E670623F89" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.41:*:*:*:*:*:*:*", - "matchCriteriaId": "52579D8D-E855-42B3-B406-32DD1C39F721" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.47:*:*:*:*:*:*:*", - "matchCriteriaId": "E7E44FC6-12A2-4F76-A095-28F3804B619F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.48:*:*:*:*:*:*:*", - "matchCriteriaId": "42917E5E-E362-4B40-B2B2-3C77BA35641C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.50:*:*:*:*:*:*:*", - "matchCriteriaId": "CF317FA3-EBF3-49BB-A9E6-0D4295FA3F60" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.52:*:*:*:*:*:*:*", - "matchCriteriaId": "F98B1683-914F-43D3-AE1C-311D3A90BE8C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.54:*:*:*:*:*:*:*", - "matchCriteriaId": "A8D24656-CAB1-4A98-A440-482927FEDD16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.55:*:*:*:*:*:*:*", - "matchCriteriaId": "E504557C-DA5D-4D0F-A813-4CE7D5109F15" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.56:*:*:*:*:*:*:*", - "matchCriteriaId": "04D2A067-C717-4921-BBF5-3EFBE02736EC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.12.4.58:*:*:*:*:*:*:*", - "matchCriteriaId": "36DDEC5B-4BEA-499C-9F34-BB3D39B7A963" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*", - "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*", - "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*", - "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*", - "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*", - "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*", - "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*", - "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*", - "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*", - "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*", - "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*", - "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*", - "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*", - "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*", - "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*", - "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*", - "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.13:*:*:*:*:*:*:*", - "matchCriteriaId": "D6A29312-38E7-456B-94DD-4D7329691114" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.14:*:*:*:*:*:*:*", - "matchCriteriaId": "27F7BB31-C733-4C32-BF0F-33B5AF020156" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.15:*:*:*:*:*:*:*", - "matchCriteriaId": "DC313568-33A6-435B-98FF-8A7091D9C451" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.17:*:*:*:*:*:*:*", - "matchCriteriaId": "7F85710A-28CE-4913-8523-356461908FBE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.22:*:*:*:*:*:*:*", - "matchCriteriaId": "D6069950-016B-419A-B754-D58956CB6D14" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.23:*:*:*:*:*:*:*", - "matchCriteriaId": "5A2F3FEC-624F-47C5-B056-836861BB038A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*", - "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*", - "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*", - "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*", - "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1:*:*:*:*:*:*:*", - "matchCriteriaId": "13F57A86-6284-4269-823E-B30C57185D14" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.1.28:*:*:*:*:*:*:*", - "matchCriteriaId": "F6560447-039C-40FA-A24D-C8994AC2743B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2:*:*:*:*:*:*:*", - "matchCriteriaId": "378ED826-F5FE-40BA-9FC0-9C185A13518B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "130B6FD9-764D-4EF8-91AA-37E52AE9B3E3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "225861CE-FFF8-4AFA-A07B-CB8D5BC9C361" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.11:*:*:*:*:*:*:*", - "matchCriteriaId": "FD08C4E8-3ADB-4048-9B3C-4F0385201523" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.13:*:*:*:*:*:*:*", - "matchCriteriaId": "A4875811-F209-49ED-B310-8377B2F87FF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.2.14:*:*:*:*:*:*:*", - "matchCriteriaId": "99C52C7B-B626-4A3C-A2EC-28A20E7FA95F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*", - "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.15:*:*:*:*:*:*:*", - "matchCriteriaId": "853A002C-839A-4372-8485-750A86E9F6E9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.19:*:*:*:*:*:*:*", - "matchCriteriaId": "C62BB5D6-CE75-4C83-82DC-4148EF8CB1F5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.23:*:*:*:*:*:*:*", - "matchCriteriaId": "D32F1365-EAF8-4570-B2FF-45E47E8586F9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4:*:*:*:*:*:*:*", - "matchCriteriaId": "DFD07F9B-6BB3-4423-8DBE-4E89A6478E65" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.9:*:*:*:*:*:*:*", - "matchCriteriaId": "34FE4F28-B704-4325-AE8A-C790163FEE71" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.14:*:*:*:*:*:*:*", - "matchCriteriaId": "E832BC0C-8439-4779-9064-C2D93F231031" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.18:*:*:*:*:*:*:*", - "matchCriteriaId": "FA99DF94-D031-4375-9A16-306606FE28F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.19:*:*:*:*:*:*:*", - "matchCriteriaId": "FC149D03-5609-46E6-A1B3-F4D91F282B49" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.27:*:*:*:*:*:*:*", - "matchCriteriaId": "B5D7FC6F-1370-4272-97E5-226C2ED1D335" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.38:*:*:*:*:*:*:*", - "matchCriteriaId": "164D5774-D51B-47C6-AD32-ED6B84E78BBB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*", - "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*", - "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*", - "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*", - "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.20:*:*:*:*:*:*:*", - "matchCriteriaId": "40FAC31D-19C0-4BA0-A019-C7E7A0BA0B5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.30:*:*:*:*:*:*:*", - "matchCriteriaId": "6CAAFE0F-416F-4BCA-BA37-30EAEADA8AFE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*", - "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*", - "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*", - "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*", - "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*", - "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*", - "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*", - "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*", - "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*", - "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*", - "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*", - "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*", - "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*", - "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*", - "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*", - "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*", - "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*", - "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*", - "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*", - "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*", - "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*", - "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*", - "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*", - "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*", - "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*", - "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*", - "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*", - "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*", - "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*", - "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*", - "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*", - "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*", - "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*", - "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", - "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", - "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", - "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", - "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", - "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", - "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", - "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*", - "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*", - "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", - "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*", - "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*", - "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.1:*:*:*:*:*:*:*", - "matchCriteriaId": "AAC0A7B7-2FE5-40ED-80F3-70F6CC2065F7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "B066DB88-FB86-467E-8AE2-3AC76B202082" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "8A356E12-DFC8-45D3-A72B-133C72011A85" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2:*:*:*:*:*:*:*", - "matchCriteriaId": "40955D09-9351-436D-A93A-266913CFE407" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "CCDA8B7D-108E-4851-BDDD-E81C58131B8D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.14:*:*:*:*:*:*:*", - "matchCriteriaId": "975AA7EF-3BE1-4112-AAAE-80C678DF06FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.15:*:*:*:*:*:*:*", - "matchCriteriaId": "EDDC513A-8B98-4904-BC39-E178D6CABD86" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.17:*:*:*:*:*:*:*", - "matchCriteriaId": "D6A4E4A8-3FB8-4EAA-ADD8-D8A48269C7A0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.20:*:*:*:*:*:*:*", - "matchCriteriaId": "E00E1A95-4D81-4D8C-8E9F-02F9866DEC19" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.24:*:*:*:*:*:*:*", - "matchCriteriaId": "968A5890-B604-4AF7-88FD-52512DE60A0D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.26:*:*:*:*:*:*:*", - "matchCriteriaId": "C3390375-1D75-4D28-AA2B-4D28FC006B2B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.28:*:*:*:*:*:*:*", - "matchCriteriaId": "134FBA88-E8BF-4757-9ED5-449A03ED4FEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.33:*:*:*:*:*:*:*", - "matchCriteriaId": "17F83FA7-11A1-48D1-AAD9-80EB8330C576" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.35:*:*:*:*:*:*:*", - "matchCriteriaId": "2250FD43-E360-4BB9-8444-47C6014E77F0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.2.38:*:*:*:*:*:*:*", - "matchCriteriaId": "33E18DBD-6477-4DEF-9A4F-884F0987C89C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3:*:*:*:*:*:*:*", - "matchCriteriaId": "41A26F87-4A82-4BF1-9B69-3FDA62659237" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.8:*:*:*:*:*:*:*", - "matchCriteriaId": "82B5E7C5-CE7E-45CF-9B02-D174F99D3379" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.11:*:*:*:*:*:*:*", - "matchCriteriaId": "6A59FF9C-0A15-4F9F-A807-5F4B5FDD83F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "E0912860-7B6E-4AF9-8208-0F51A11B0CBD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.16:*:*:*:*:*:*:*", - "matchCriteriaId": "1136F1DA-65C0-4D46-87EE-63A5EA8BCC82" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.18:*:*:*:*:*:*:*", - "matchCriteriaId": "DEA9D4DA-1CC3-4F76-8AC2-936DF68608A2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.21:*:*:*:*:*:*:*", - "matchCriteriaId": "A1A05215-3700-4DF3-8CDF-25E40065B539" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.26:*:*:*:*:*:*:*", - "matchCriteriaId": "BBE017C1-28CE-4219-9BC4-E7AC61A836E4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.3.29:*:*:*:*:*:*:*", - "matchCriteriaId": "BDB86586-4D1A-415D-9070-EAAFFFF670AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4:*:*:*:*:*:*:*", - "matchCriteriaId": "2443A527-3A65-4226-A643-B683072CB664" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.3:*:*:*:*:*:*:*", - "matchCriteriaId": "BA645994-0744-446B-96EA-21915AF3BEC6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.7:*:*:*:*:*:*:*", - "matchCriteriaId": "BA1E87A4-A9EB-4BFC-9070-F32ABD32D33C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.8:*:*:*:*:*:*:*", - "matchCriteriaId": "D5B63317-7612-4B7C-8AE8-F18AEFAF4560" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.10:*:*:*:*:*:*:*", - "matchCriteriaId": "4CF8BD7E-31C0-4F05-A092-64D9918ED5DA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.12:*:*:*:*:*:*:*", - "matchCriteriaId": "0BBD9E97-0BC5-4120-8E03-1EE9D11E3359" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.15:*:*:*:*:*:*:*", - "matchCriteriaId": "4D724096-92CD-457E-8CC5-B8099A8E3187" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.17:*:*:*:*:*:*:*", - "matchCriteriaId": "66EA1792-85AC-4AD1-8213-A992F623D743" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.20:*:*:*:*:*:*:*", - "matchCriteriaId": "86C7966B-2EB0-4970-B2D5-9F892F2D1C8F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.22:*:*:*:*:*:*:*", - "matchCriteriaId": "50C1D4AD-01C0-4591-9308-625FEF736D7C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.25:*:*:*:*:*:*:*", - "matchCriteriaId": "4EE06D7A-8DF5-4C98-AEDB-CF0DC5DFF565" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.26:*:*:*:*:*:*:*", - "matchCriteriaId": "3B9027F6-F91E-49D3-9328-C72E18625292" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.29:*:*:*:*:*:*:*", - "matchCriteriaId": "E1C4EBE8-60A7-4F71-959A-1127DAF2A262" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.32:*:*:*:*:*:*:*", - "matchCriteriaId": "3484693F-1D88-44AA-B739-6E0B2C359A4D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.33:*:*:*:*:*:*:*", - "matchCriteriaId": "413E425D-9BD5-4A9B-9FE6-6190C488C1D8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.34:*:*:*:*:*:*:*", - "matchCriteriaId": "753121F0-AE17-49FE-B5F3-71DFBD9A4634" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.35:*:*:*:*:*:*:*", - "matchCriteriaId": "A583EEC5-7EA9-422E-8C1C-4C28CDBC65F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.39:*:*:*:*:*:*:*", - "matchCriteriaId": "3FDAA778-942A-433F-88E5-359490AA28CC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.40:*:*:*:*:*:*:*", - "matchCriteriaId": "5DC8A5AE-032F-49C7-B1D3-FA68351E9C3B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.41:*:*:*:*:*:*:*", - "matchCriteriaId": "D0F554EB-CCF5-4779-B199-B5F54DDEF79A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.43:*:*:*:*:*:*:*", - "matchCriteriaId": "E2FD6008-65F5-4AA5-A824-674863D55F3A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.44:*:*:*:*:*:*:*", - "matchCriteriaId": "21908446-BEEC-4E62-AC98-A29CC1130C71" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.45:*:*:*:*:*:*:*", - "matchCriteriaId": "66F24887-C173-4EEB-A299-104C1E3FA701" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.46:*:*:*:*:*:*:*", - "matchCriteriaId": "8040CC3D-FC71-4E9F-B47F-29C076A45783" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.8.4.48:*:*:*:*:*:*:*", - "matchCriteriaId": "E828CC88-B141-42C4-8A99-6B7D21AEB955" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.1:*:*:*:*:*:*:*", - "matchCriteriaId": "55711FD3-EF2E-4247-883B-03A40FD97612" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "91495846-B9D1-4EBD-9AB3-3B93B85AC279" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "D2C17961-8069-4D62-ABC1-DCAB7329C3FA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2:*:*:*:*:*:*:*", - "matchCriteriaId": "B2D742BF-6E32-4510-A484-EB478EE12132" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "ED71E067-9788-4369-BD9B-DAC3AA1A26BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "344AAD16-48F8-470F-A292-1CA3D21A75D3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "AF6A591D-2AC6-4A28-B6CD-BD2A3F8D3C26" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.2.9:*:*:*:*:*:*:*", - "matchCriteriaId": "95EC0A62-B604-4913-B52F-478FA03A5949" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3:*:*:*:*:*:*:*", - "matchCriteriaId": "934198F1-D461-4881-B8C7-8CCECB730FA2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.2:*:*:*:*:*:*:*", - "matchCriteriaId": "E357084A-5E12-41E8-9944-1451A55A2D13" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.7:*:*:*:*:*:*:*", - "matchCriteriaId": "B5D877E6-5623-41B0-BE45-4D8697DF1715" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.9:*:*:*:*:*:*:*", - "matchCriteriaId": "EA3917D9-E072-4474-B236-AE25875AA509" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.3.12:*:*:*:*:*:*:*", - "matchCriteriaId": "0561BA9E-415A-4D2A-95A2-0C4A706E19A5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4:*:*:*:*:*:*:*", - "matchCriteriaId": "52E4A054-1837-436E-A1BF-68FF5213EE91" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.2:*:*:*:*:*:*:*", - "matchCriteriaId": "B2CC50D9-10AC-4098-8C09-E46A3BB2DB2E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.4:*:*:*:*:*:*:*", - "matchCriteriaId": "420D097B-8D7F-455A-8FFD-3D07722CB232" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.7:*:*:*:*:*:*:*", - "matchCriteriaId": "FBBAE927-0B79-4EFA-BC6B-08134B03DAB6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.8:*:*:*:*:*:*:*", - "matchCriteriaId": "3B9CA5A8-6C58-44DA-8786-0A1784D73A0E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.10:*:*:*:*:*:*:*", - "matchCriteriaId": "42E47AFC-3BC4-4B8D-AC45-D71A0DB8937C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.13:*:*:*:*:*:*:*", - "matchCriteriaId": "A81420A1-7B35-4C48-AF03-82F0ACDEC038" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.18:*:*:*:*:*:*:*", - "matchCriteriaId": "7FAC37E6-81AC-4B7C-9C8B-EE9AFB4EF36B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.24:*:*:*:*:*:*:*", - "matchCriteriaId": "CD9D1E08-2203-4C5D-A6CA-1041312AAAC2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.26:*:*:*:*:*:*:*", - "matchCriteriaId": "874B8CDA-1A5B-4F26-B7DF-34204FD481CD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.29:*:*:*:*:*:*:*", - "matchCriteriaId": "D9C2D047-BE9B-4A8C-A34E-77D9F1E4EEA4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.30:*:*:*:*:*:*:*", - "matchCriteriaId": "D0481146-DDE9-4B0A-907E-867CCCA79F8E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.35:*:*:*:*:*:*:*", - "matchCriteriaId": "EA8D47A5-60F7-48F7-B8D1-BCE9E9976CFE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.37:*:*:*:*:*:*:*", - "matchCriteriaId": "6362C627-390E-4183-B6D2-981E0EA1C89F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.38:*:*:*:*:*:*:*", - "matchCriteriaId": "B3D4927A-2CC4-4BAD-B365-4844FDE85583" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.39:*:*:*:*:*:*:*", - "matchCriteriaId": "D1733786-193E-4107-A3E7-A640905A14EF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.40:*:*:*:*:*:*:*", - "matchCriteriaId": "A9272CE2-6C53-4486-BBC5-1DABBBA3E609" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.41:*:*:*:*:*:*:*", - "matchCriteriaId": "44DD2A20-7E82-41D7-8DF0-5C4EF7550159" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.47:*:*:*:*:*:*:*", - "matchCriteriaId": "54039A5F-6CF5-45C5-A34E-5426BD5BBDE9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.48:*:*:*:*:*:*:*", - "matchCriteriaId": "9A4B5CFF-9F97-4F99-A07A-5E18019DB2DD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.50:*:*:*:*:*:*:*", - "matchCriteriaId": "47C355F9-7B58-4CA6-AE00-7D985E2C647F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.52:*:*:*:*:*:*:*", - "matchCriteriaId": "0A2A893A-99DD-4892-9771-65BD52C6596A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.54:*:*:*:*:*:*:*", - "matchCriteriaId": "56279156-4E4C-4CEC-869A-E244CDC320FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.55:*:*:*:*:*:*:*", - "matchCriteriaId": "D984A56E-7B51-4D35-94AC-0395409C9E07" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.56:*:*:*:*:*:*:*", - "matchCriteriaId": "F56FB13C-1AF0-411E-B341-7BAFF75B79B2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.12.4.58:*:*:*:*:*:*:*", - "matchCriteriaId": "C0C8EF96-D9CB-44A6-A4DA-81C24319D6EA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1:*:*:*:*:*:*:*", - "matchCriteriaId": "22038B43-6CE2-413A-8334-32BF9137E574" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "15464E33-3166-4401-993D-FEB12DBF0CC1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "0BEAC68D-1A73-492B-A932-50048090A855" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "82EB29B3-F12B-41DC-B573-3FFC0EB9D26B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.19:*:*:*:*:*:*:*", - "matchCriteriaId": "41F732E6-A003-4B38-9057-A962C7EDFC6D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.1.30:*:*:*:*:*:*:*", - "matchCriteriaId": "1AF57890-3CD7-41A3-A93A-4E3609CA1BF1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2:*:*:*:*:*:*:*", - "matchCriteriaId": "D2183862-4E0A-4046-AA22-53B8CFFAE9C9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "B87C2BF2-D4F5-43FD-805C-B93D752ABAD6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "21AF5911-BFE9-414B-AD39-F1E2E06377C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.13:*:*:*:*:*:*:*", - "matchCriteriaId": "02C8586E-8BBE-45FA-80AA-5C1F2AC79BD5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.2.15:*:*:*:*:*:*:*", - "matchCriteriaId": "4726A373-71E1-4E12-BEBB-62DF6293B45B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3:*:*:*:*:*:*:*", - "matchCriteriaId": "03F02586-FB92-4A39-8141-A9BD55C52D6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "D66B0B2F-B191-47A2-917E-AC4616CC39AE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.9:*:*:*:*:*:*:*", - "matchCriteriaId": "88A3E2E8-2E7E-469F-B396-902706C5863F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.11:*:*:*:*:*:*:*", - "matchCriteriaId": "E247E151-E5C3-4A39-AA3F-BA77FBD743D0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.13:*:*:*:*:*:*:*", - "matchCriteriaId": "73F35B92-5A4B-4194-A7F0-721E12F7A427" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.15:*:*:*:*:*:*:*", - "matchCriteriaId": "D7F58F94-4010-4B3F-BD37-5DB291BFC082" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.3.18:*:*:*:*:*:*:*", - "matchCriteriaId": "756045B0-6A52-4B98-9EE3-455A71F39034" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4:*:*:*:*:*:*:*", - "matchCriteriaId": "E2B09FED-126F-494A-BCAD-01B020B1C1B4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.6:*:*:*:*:*:*:*", - "matchCriteriaId": "06B44703-0EDC-4E7C-B381-8016F354A3AF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.7:*:*:*:*:*:*:*", - "matchCriteriaId": "71F1C7CE-8BFD-4270-BFE3-5479D6712484" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.12:*:*:*:*:*:*:*", - "matchCriteriaId": "F1E9D7E5-8A81-432F-8B17-6CF95B2622B1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.13:*:*:*:*:*:*:*", - "matchCriteriaId": "DFF2AF6B-13FD-4EED-8A53-FE417BDFF9AE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.14:*:*:*:*:*:*:*", - "matchCriteriaId": "CBBBB059-A956-4C74-A4F4-1D1BEA5C42E5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.15:*:*:*:*:*:*:*", - "matchCriteriaId": "DF3512B9-0995-4004-B6FB-921A01B48F59" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.17:*:*:*:*:*:*:*", - "matchCriteriaId": "9A95F782-0124-427A-B838-CE16730537F0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.22:*:*:*:*:*:*:*", - "matchCriteriaId": "F328B623-F3E2-4EBF-86F8-854F8E683F22" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.14.4.23:*:*:*:*:*:*:*", - "matchCriteriaId": "BCD6F39C-4558-4A2B-95D0-F0C0EB691933" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1:*:*:*:*:*:*:*", - "matchCriteriaId": "E02DCB5D-818B-498E-B077-6C73568EC7A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "8C65E767-7E10-45CE-B46D-32A512D37E02" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "E9B33FEB-0DB6-4F2F-BCB8-67CB26C5F127" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "03700A91-CFC9-4038-AEC6-1D693F2577C7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "929439FB-D5E7-4E13-979B-8F0E407E17B9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.16:*:*:*:*:*:*:*", - "matchCriteriaId": "C107667C-A223-4EA1-ABB0-45E0AC6E0A1C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.17:*:*:*:*:*:*:*", - "matchCriteriaId": "143F8F07-9B3B-4015-AC57-B17F007D92E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.15.1.21:*:*:*:*:*:*:*", - "matchCriteriaId": "A963BCC1-C1EF-4294-AF84-6969807E9B60" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.1:*:*:*:*:*:*:*", - "matchCriteriaId": "52E31CF5-7241-4DC5-97F9-C2EFC9E44A90" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.1.28:*:*:*:*:*:*:*", - "matchCriteriaId": "D0D20C10-2129-4AEE-87A1-05BD05690823" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2:*:*:*:*:*:*:*", - "matchCriteriaId": "1D84F31E-6830-4B79-BC20-584E622E3861" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "2A45DA2B-089E-476D-B2B5-18337AA54B6C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "4CA21B4B-0D0D-4F43-AC83-D979EFCCCBAD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.11:*:*:*:*:*:*:*", - "matchCriteriaId": "8D06B1D5-4CDE-406C-A667-1A2226B5229A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.13:*:*:*:*:*:*:*", - "matchCriteriaId": "01C7232A-EDE8-4AF1-BEF0-B1E32CB7FA3C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.2.14:*:*:*:*:*:*:*", - "matchCriteriaId": "B727AF3E-0332-4708-A791-07609C159B3D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.3:*:*:*:*:*:*:*", - "matchCriteriaId": "0FB43006-7ADB-4A2A-9F25-2AA15EFF12A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "C9AD0F0D-4E30-42ED-AAD5-2B910703E92D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.3.14:*:*:*:*:*:*:*", - "matchCriteriaId": "381D4076-593A-4A0B-B889-2A7A24566E0A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.3.15:*:*:*:*:*:*:*", - "matchCriteriaId": "795BFE71-D25D-4B46-BCCC-F130BEEA4244" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.3.19:*:*:*:*:*:*:*", - "matchCriteriaId": "1E77F26B-0367-4242-BB76-87CC94E5586C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.3.23:*:*:*:*:*:*:*", - "matchCriteriaId": "1EFBEFEC-27C0-40A9-82EC-FCC32656C2E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.4:*:*:*:*:*:*:*", - "matchCriteriaId": "DEF1F7B4-E4EC-4A4B-9E1A-3DD040CB1336" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.4.9:*:*:*:*:*:*:*", - "matchCriteriaId": "4D9F9738-5EAA-4A38-928F-83386F37042E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.4.14:*:*:*:*:*:*:*", - "matchCriteriaId": "5E0C8A97-27C9-4DB0-A6B4-A281741DAF88" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.4.18:*:*:*:*:*:*:*", - "matchCriteriaId": "1C460231-555D-4AB8-A262-F26CB2CC48D0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.4.19:*:*:*:*:*:*:*", - "matchCriteriaId": "848C6044-C8DF-4BA3-9C58-096AC6C847DC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.4.27:*:*:*:*:*:*:*", - "matchCriteriaId": "E9CDBB14-52F1-4FD7-8971-433650DF9944" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.16.4.38:*:*:*:*:*:*:*", - "matchCriteriaId": "9535E887-28C2-4F4D-BDAE-6FD2ECCDC26E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D5859D3-D831-44BB-A72C-E2509054BB6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "B2C7225F-B430-48DF-ACFF-61687A4A2448" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.9:*:*:*:*:*:*:*", - "matchCriteriaId": "F02E16DE-FF05-4629-90E5-C26077BA9100" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "113B5A3A-C36B-4A5E-8B24-D7706F496DAF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.11:*:*:*:*:*:*:*", - "matchCriteriaId": "D086EF92-21C5-4F14-BEBB-A35648E6DA1C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.13:*:*:*:*:*:*:*", - "matchCriteriaId": "6D758AFC-A874-4137-800A-B8E1630DAA81" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "F7AA2E52-0636-47E4-BA09-BAAACE9C9DC1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.20:*:*:*:*:*:*:*", - "matchCriteriaId": "FC35A95F-6F7D-4767-856D-7CE8D214520F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.17.1.30:*:*:*:*:*:*:*", - "matchCriteriaId": "AC285311-2538-4337-B87F-50264DC2F7CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.1:*:*:*:*:*:*:*", - "matchCriteriaId": "063B39F3-7D62-4E4A-864A-54EF5ADA46F5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "BE8AF564-B9A1-4236-BFED-C42B759EA1D4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.2:*:*:*:*:*:*:*", - "matchCriteriaId": "D0DBA7D1-6CFF-45BC-9342-8079E4624552" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "7748A078-8185-4C38-A47E-C44105C3EE3D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "FB406721-7B8D-48EC-9521-AC74D3877AF2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "65D5E552-2677-4E8E-809E-53A6B1889154" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.3:*:*:*:*:*:*:*", - "matchCriteriaId": "EFDDE002-A886-4C6D-9373-7FEB4D6B6A4B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.3.39:*:*:*:*:*:*:*", - "matchCriteriaId": "28FA58BD-B33E-45EC-AA58-A33CEC12C6BE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.3.46:*:*:*:*:*:*:*", - "matchCriteriaId": "373DE7AE-EF8A-47C2-8BAF-25E6C762EEB3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.3.53:*:*:*:*:*:*:*", - "matchCriteriaId": "2973DA5E-B5EE-430F-93CD-E9288C5BF3FA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.18.3.55:*:*:*:*:*:*:*", - "matchCriteriaId": "F9362F3E-9E96-47D0-B059-A4A350E2BC77" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.19.1:*:*:*:*:*:*:*", - "matchCriteriaId": "98FFEC19-5D89-414A-94C4-744C72E057B0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.19.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "09635D47-0FD8-46EE-ADF8-D7C191C67F19" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.19.1.9:*:*:*:*:*:*:*", - "matchCriteriaId": "2678EC5C-F330-485E-9901-2AB410E10581" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.19.1.12:*:*:*:*:*:*:*", - "matchCriteriaId": "D1EC0911-A71B-43CC-8C48-0292E518E157" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:9.19.1.18:*:*:*:*:*:*:*", - "matchCriteriaId": "2BE9BF7D-C928-402C-A90D-B35AF4210B7F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-ravpn-auth-8LyfCkeC", - "source": "ykramarz@cisco.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38484", - "sourceIdentifier": "security-alert@hpe.com", - "published": "2023-09-06T18:15:08.393", - "lastModified": "2023-09-15T14:19:09.023", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in the affected controller leading to complete system compromise." - }, - { - "lang": "es", - "value": "Existen vulnerabilidades en la implementación de la BIOS de los Controladores y Gateways de las Series 9200 y 9000 de Aruba que podrían permitir a un atacante ejecutar código arbitrario en las primeras etapas de la secuencia de inicio. Un atacante podría aprovechar esta vulnerabilidad para obtener acceso y cambiar información sensible subyacente en el controlador afectado, lo que comprometería completamente el sistema." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.5, - "impactScore": 5.9 - }, - { - "source": "security-alert@hpe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.3, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-94" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.6.0.0", - "versionEndExcluding": "8.6.0.22", - "matchCriteriaId": "ADB9BE64-9455-46B2-80C8-BD9B88A8F372" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.10.0.0", - "versionEndExcluding": "8.10.0.7", - "matchCriteriaId": "48293E3F-C6BD-4875-8C7A-67ED41B7C18D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.11.0.0", - "versionEndExcluding": "8.11.1.1", - "matchCriteriaId": "A22E7E61-B318-47C8-8C72-498A17031997" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "10.4.0.0", - "versionEndExcluding": "10.4.0.2", - "matchCriteriaId": "6418722E-304A-46EF-8D9E-EB42596F0DFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CFA13FF5-7C60-48B4-AF46-18A9F19D5D42" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1EB3D9-77B5-4DBE-9518-23DD0DA06BC9" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17162DB3-973E-47C6-9157-39A0E94603F2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9240:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6BF9E0D-630F-40B4-9109-560CA13C981B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.arubanetworks.com\/assets\/alert\/ARUBA-PSA-2023-014.txt", - "source": "security-alert@hpe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38485", - "sourceIdentifier": "security-alert@hpe.com", - "published": "2023-09-06T18:15:08.480", - "lastModified": "2023-09-15T17:40:14.727", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in the affected controller leading to complete system compromise." - }, - { - "lang": "es", - "value": "Existen vulnerabilidades en la implementación del BIOS de los Controladores y Gateways de las Series 9200 y 9000 de Aruba que podrían permitir a un atacante ejecutar código arbitrario en las primeras etapas de la secuencia de inicio. Un atacante podría aprovechar esta vulnerabilidad para obtener acceso y cambiar información sensible subyacente en el controlador afectado, lo que comprometería completamente el sistema." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.5, - "impactScore": 5.9 - }, - { - "source": "security-alert@hpe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.3, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.6.0.0", - "versionEndExcluding": "8.6.0.22", - "matchCriteriaId": "ADB9BE64-9455-46B2-80C8-BD9B88A8F372" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.10.0.0", - "versionEndExcluding": "8.10.0.7", - "matchCriteriaId": "48293E3F-C6BD-4875-8C7A-67ED41B7C18D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.11.0.0", - "versionEndExcluding": "8.11.1.1", - "matchCriteriaId": "A22E7E61-B318-47C8-8C72-498A17031997" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "10.4.0.0", - "versionEndExcluding": "10.4.0.2", - "matchCriteriaId": "6418722E-304A-46EF-8D9E-EB42596F0DFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CFA13FF5-7C60-48B4-AF46-18A9F19D5D42" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1EB3D9-77B5-4DBE-9518-23DD0DA06BC9" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17162DB3-973E-47C6-9157-39A0E94603F2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9240:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6BF9E0D-630F-40B4-9109-560CA13C981B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.arubanetworks.com\/assets\/alert\/ARUBA-PSA-2023-014.txt", - "source": "security-alert@hpe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38486", - "sourceIdentifier": "security-alert@hpe.com", - "published": "2023-09-06T18:15:08.547", - "lastModified": "2023-09-15T17:39:43.697", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en la implementación de arranque seguro en los Controladores y Gateways de las Series Aruba 9200 y 9000 afectados permite a un atacante eludir los controles de seguridad que normalmente prohibirían la ejecución de imágenes del kernel sin firmar. Un atacante puede utilizar esta vulnerabilidad para ejecutar sistemas operativos en tiempo de ejecución arbitrarios, incluidas imágenes de sistema operativo no verificadas y sin firmar." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.5, - "impactScore": 5.9 - }, - { - "source": "security-alert@hpe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:C\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.7, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.3, - "impactScore": 5.8 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.6.0.0", - "versionEndExcluding": "8.6.0.22", - "matchCriteriaId": "ADB9BE64-9455-46B2-80C8-BD9B88A8F372" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.10.0.0", - "versionEndExcluding": "8.10.0.7", - "matchCriteriaId": "48293E3F-C6BD-4875-8C7A-67ED41B7C18D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "8.11.0.0", - "versionEndExcluding": "8.11.1.1", - "matchCriteriaId": "A22E7E61-B318-47C8-8C72-498A17031997" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "10.4.0.0", - "versionEndExcluding": "10.4.0.2", - "matchCriteriaId": "6418722E-304A-46EF-8D9E-EB42596F0DFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CFA13FF5-7C60-48B4-AF46-18A9F19D5D42" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0B1EB3D9-77B5-4DBE-9518-23DD0DA06BC9" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:*", - "matchCriteriaId": "17162DB3-973E-47C6-9157-39A0E94603F2" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:h:arubanetworks:9240:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A6BF9E0D-630F-40B4-9109-560CA13C981B" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.arubanetworks.com\/assets\/alert\/ARUBA-PSA-2023-014.txt", - "source": "security-alert@hpe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39511", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T18:15:08.627", - "lastModified": "2023-11-03T21:15:15.240", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `reports_admin.php` displays reporting information about graphs, devices, data sources etc. _CENSUS_ found that an adversary that is able to configure a malicious device name, related to a graph attached to a report, can deploy a stored XSS attack against any super user who has privileges of viewing the `reports_admin.php` page, such as administrative accounts. A user that possesses the _General Administration>Sites\/Devices\/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http:\/\/\/cacti\/host.php`, while the rendered malicious payload is exhibited at `http:\/\/\/cacti\/reports_admin.php` when the a graph with the maliciously altered device name is linked to the report. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually filter HTML output.\n" - }, - { - "lang": "es", - "value": "Cacti es un framework de gestión de fallas y monitoreo operativo de código abierto. Las versiones afectadas están sujetas a una vulnerabilidad de Cross-Site-Scripting (XSS) almacenada que permite a un usuario autenticado envenenar los datos almacenados en la base de datos de _cacti_. Estos datos serán vistos por cuentas administrativas de _cacti_ y ejecutarán código JavaScript en el navegador de la víctima en el momento de la visualización. El script bajo `reports_admin.php` muestra información de informes sobre gráficos, dispositivos, fuentes de datos, etc. _CENSUS_ descubrió que un adversario que puede configurar un nombre de dispositivo malicioso, relacionado con un gráfico adjunto a un informe, puede implementar un ataque XSS almacenado contra cualquier superusuario que tenga privilegios de ver la página `reports_admin.php`, como cuentas administrativas. Un usuario que posee los permisos _General Administration>Sites\/Devices\/Data_ permissions puede configurar los nombres de los dispositivos en _cacti_. Esta configuración ocurre a través de `http:\/\/\/cacti\/host.php`, mientras que el payload manipulado representado se exhibe en `http:\/\/\/cacti\/reports_admin.php` cuando se muestra un gráfico con el contenido malicioso. El nombre del dispositivo modificado está vinculado al informe. Este problema se solucionó en la versión 1.2.25. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben filtrar manualmente la salida HTML." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.7, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.25", - "matchCriteriaId": "11743AE1-4C92-47E9-BDA5-764FE3984CE8" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", - "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Cacti\/cacti\/security\/advisories\/GHSA-5hpr-4hhc-8q42", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN\/", - "source": "security-advisories@github.com", - "tags": [ - "Mailing List" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41050", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T18:15:08.847", - "lastModified": "2023-09-13T02:47:08.580", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "AccessControl provides a general security framework for use in Zope. Python's \"format\" functionality allows someone controlling the format string to \"read\" objects accessible (recursively) via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use Python's full blown `getattr` and `getitem`, not the policy restricted `AccessControl` variants `_getattr_` and `_getitem_`. This can lead to critical information disclosure. `AccessControl` already provides a safe variant for `str.format` and denies access to `string.Formatter`. However, `str.format_map` is still unsafe. Affected are all users who allow untrusted users to create `AccessControl` controlled Python code and execute it. A fix has been introduced in versions 4.4, 5.8 and 6.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "AccessControl proporciona un marco de seguridad general para su uso en Zope. La funcionalidad \"format\" de Python permite que alguien que controle la cadena de formato \"lea\" objetos accesibles (recursivamente) mediante acceso a atributos y suscripción desde objetos accesibles. Esos accesos a atributos y suscripciones utilizan las variantes `getattr` y `getitem` completas de Python, no las variantes `_getattr_` y `_getitem_` restringidas por políticas de `AccessControl`. Esto puede conducir a la divulgación de información crítica. `AccessControl` ya proporciona una variante segura para `str.format` y niega el acceso a `string.Formatter`. Sin embargo, `str.format_map` todavía no es seguro. Los afectados son todos los usuarios que permiten a usuarios no confiables crear código Python controlado por `AccessControl` y ejecutarlo. Se ha introducido una solución en las versiones 4.4, 5.8 y 6.2. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.7, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.1, - "impactScore": 4.0 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:C\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 4.0 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-200" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:zope:accesscontrol:*:*:*:*:*:*:*:*", - "versionEndExcluding": "4.4", - "matchCriteriaId": "80528419-1860-4426-8384-A9DC16FF770F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:zope:accesscontrol:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.0", - "versionEndExcluding": "5.8", - "matchCriteriaId": "3E2BAF08-A726-4A9F-909D-733829F76FA2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:zope:accesscontrol:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.0", - "versionEndExcluding": "6.2", - "matchCriteriaId": "B49795D9-E2CD-4F45-A486-3B8D199BE3CC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:zope:zope:*:*:*:*:*:*:*:*", - "versionEndExcluding": "4.8.9", - "matchCriteriaId": "9EABFCB8-F6C1-4425-B7D4-3241531B0FC6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:zope:zope:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.0", - "versionEndExcluding": "5.8.4", - "matchCriteriaId": "373E139B-C96D-4CDA-8961-284CCE134B0D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/zopefoundation\/AccessControl\/commit\/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/zopefoundation\/AccessControl\/security\/advisories\/GHSA-8xv7-89vj-q48c", - "source": "security-advisories@github.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41319", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T18:15:08.937", - "lastModified": "2023-09-13T14:25:28.587", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides webserver API allows custom integrations to be uploaded as a ZIP file. This ZIP file must contain YAML files, but Fides can be configured to also accept the inclusion of custom Python code in it. The custom code is executed in a restricted, sandboxed environment, but the sandbox can be bypassed to execute any arbitrary code. The vulnerability allows the execution of arbitrary code on the target system within the context of the webserver python process owner on the webserver container, which by default is `root`, and leverage that access to attack underlying infrastructure and integrated systems. This vulnerability affects Fides versions `2.11.0` through `2.19.0`. Exploitation is limited to API clients with the `CONNECTOR_TEMPLATE_REGISTER` authorization scope. In the Fides Admin UI this scope is restricted to highly privileged users, specifically root users and users with the owner role. Exploitation is only possible if the security configuration parameter `allow_custom_connector_functions` is enabled by the user deploying the Fides webserver container, either in `fides.toml` or by setting the env var `FIDES__SECURITY__ALLOW_CUSTOM_CONNECTOR_FUNCTIONS=True`. By default this configuration parameter is disabled. The vulnerability has been patched in Fides version `2.19.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. Users unable to upgrade should ensure that `allow_custom_connector_functions` in `fides.toml` and the `FIDES__SECURITY__ALLOW_CUSTOM_CONNECTOR_FUNCTIONS` are both either unset or explicit set to `False`." - }, - { - "lang": "es", - "value": "Fides es una plataforma de ingeniería de privacidad de código abierto para gestionar el cumplimiento de solicitudes de privacidad de datos en un entorno de ejecución y la aplicación de regulaciones de privacidad en código. La API del servidor web de Fides permite cargar integraciones personalizadas como un archivo ZIP. Este archivo ZIP debe contener archivos YAML, pero Fides se puede configurar para que también acepte la inclusión de código Python personalizado. El código personalizado se ejecuta en un entorno restringido y aislado, pero el entorno aislado se puede omitir para ejecutar cualquier código arbitrario. La vulnerabilidad permite la ejecución de código arbitrario en el sistema de destino dentro del contexto del propietario del proceso Python del servidor web en el contenedor del servidor web, que de forma predeterminada es \"root\", y aprovecha ese acceso para atacar la infraestructura subyacente y los sistemas integrados. Esta vulnerabilidad afecta a las versiones de Fides `2.11.0` hasta la `2.19.0`. La explotación está limitada a clientes API con el alcance de autorización `CONNECTOR_TEMPLATE_REGISTER`. En la interfaz de usuario de administración de Fides, este alcance está restringido a usuarios con privilegios elevados, específicamente usuarios root y usuarios con rol de propietario. La explotación solo es posible si el parámetro de configuración de seguridad `allow_custom_connector_functions` está habilitado por el usuario que implementa el contenedor del servidor web Fides, ya sea en `fides.toml` o estableciendo la variable env `FIDES__SECURITY__ALLOW_CUSTOM_CONNECTOR_FUNCTIONS=True`. Por defecto este parámetro de configuración está deshabilitado. La vulnerabilidad ha sido parcheada en la versión `2.19.0` de Fides. Se recomienda a los usuarios que actualicen a esta versión o posterior para proteger sus sistemas contra esta amenaza. Los usuarios que no puedan actualizar deben asegurarse de que `allow_custom_connector_functions` en `fides.toml` y `FIDES__SECURITY__ALLOW_CUSTOM_CONNECTOR_FUNCTIONS` no estén configurados o estén configurados explícitamente en `False`." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-693" - }, - { - "lang": "en", - "value": "CWE-94" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*", - "versionStartIncluding": "2.11.0", - "versionEndExcluding": "2.19.0", - "matchCriteriaId": "7987098A-C17F-4C91-9406-7B5BAD1786DD" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/ethyca\/fides\/commit\/5989b5fa744c8d8c340963b895a054883549358a", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/ethyca\/fides\/security\/advisories\/GHSA-p6p2-qq95-vq5h", - "source": "security-advisories@github.com", - "tags": [ - "Mitigation", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41328", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T18:15:09.047", - "lastModified": "2023-09-11T18:05:46.093", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Frappe is a low code web framework written in Python and Javascript. A SQL Injection vulnerability has been identified in the Frappe Framework which could allow a malicious actor to access sensitive information. This issue has been addressed in versions 13.46.1 and 14.20.0. Users are advised to upgrade. There's no workaround to fix this without upgrading." - }, - { - "lang": "es", - "value": "Frappe es un framework web de código bajo escrito en Python y Javascript. Se ha identificado una vulnerabilidad de inyección SQL en Frappe Framework que podría permitir a un actor malintencionado acceder a información confidencial. Este problema se ha solucionado en las versiones 13.46.1 y 14.20.0. Se recomienda a los usuarios que actualicen. No hay ningún workaround para solucionar esto sin actualizar." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.2, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.6, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:frappe:frappe:*:*:*:*:*:*:*:*", - "versionEndExcluding": "13.46.1", - "matchCriteriaId": "418BFA9F-DE58-440C-BC07-A7195C346BE5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:frappe:frappe:*:*:*:*:*:*:*:*", - "versionStartIncluding": "14.0.0", - "versionEndExcluding": "14.20.0", - "matchCriteriaId": "257F1200-5913-42A0-B2FF-C9B7A5FDC7DD" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/frappe\/frappe\/releases\/tag\/v13.46.1", - "source": "security-advisories@github.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/frappe\/frappe\/releases\/tag\/v14.20.0", - "source": "security-advisories@github.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/frappe\/frappe\/security\/advisories\/GHSA-53wh-f67g-9679", - "source": "security-advisories@github.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41330", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T18:15:09.153", - "lastModified": "2023-09-12T20:42:58.853", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "knplabs\/knp-snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page.\n## Issue\n\nOn March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. Version 1.4.2 added a check `if (\\strpos($filename, 'phar:\/\/') === 0)` in the `prepareOutput` function to resolve this CVE, however if the user is able to control the second parameter of the `generateFromHtml()` function of Snappy, it will then be passed as the `$filename` parameter in the `prepareOutput()` function. In the original vulnerability, a file name with a `phar:\/\/` wrapper could be sent to the `fileExists()` function, equivalent to the `file_exists()` PHP function. This allowed users to trigger a deserialization on arbitrary PHAR files. To fix this issue, the string is now passed to the `strpos()` function and if it starts with `phar:\/\/`, an exception is raised. However, PHP wrappers being case insensitive, this patch can be bypassed using `PHAR:\/\/` instead of `phar:\/\/`. A successful exploitation of this vulnerability allows executing arbitrary code and accessing the underlying filesystem. The attacker must be able to upload a file and the server must be running a PHP version prior to 8. This issue has been addressed in commit `d3b742d61a` which has been included in version 1.4.3. Users are advised to upgrade. Users unable to upgrade should ensure that only trusted users may submit data to the `AbstractGenerator->generate(...)` function.\n" - }, - { - "lang": "es", - "value": "knplabs\/knp-snappy es una librería PHP que permite la generación de thumbnail, snapshots o PDFs desde una URL o una página HTML. ## El problema que reveló la vulnerabilidad CVE-2023-28115 el 17 de marzo, permite a un atacante obtener la ejecución remota de código mediante la deserialización PHAR. La versión 1.4.2 agregó una verificación `if (\\strpos($filename, 'phar:\/\/') === 0)` en la función `prepareOutput` para resolver este CVE, sin embargo, si el usuario puede controlar el segundo parámetro de la función `generateFromHtml()` de Snappy, luego se pasará como el parámetro `$filename` en la función `prepareOutput()`. En la vulnerabilidad original, un nombre de archivo con un contenedor `phar:\/\/` podría enviarse a la función `fileExists()`, equivalente a la función PHP `file_exists()`. Esto permitió a los usuarios activar una deserialización en archivos PHAR arbitrarios. Para solucionar este problema, la cadena ahora se pasa a la función `strpos()` y si comienza con `phar:\/\/`, se genera una excepción. Sin embargo, como los contenedores de PHP no distinguen entre mayúsculas y minúsculas, este parche se puede omitir usando `PHAR:\/\/` en lugar de `phar:\/\/`. Una explotación exitosa de esta vulnerabilidad permite ejecutar código arbitrario y acceder al sistema de archivos subyacente. El atacante debe poder cargar un archivo y el servidor debe ejecutar una versión de PHP anterior a la 8. Este problema se solucionó en el commit `d3b742d61a` que se incluyó en la versión 1.4.3. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben asegurarse de que solo los usuarios confiables puedan enviar datos a la función `AbstractGenerator->generate(...)`." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:knplabs:snappy:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.4.3", - "matchCriteriaId": "C2412BC7-4738-4E4B-9382-9C967F55BEC0" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/KnpLabs\/snappy\/commit\/d3b742d61a68bf93866032c2c0a7f1486128b67e", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/KnpLabs\/snappy\/security\/advisories\/GHSA-92rv-4j2h-8mjj", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Mitigation", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/github.com\/KnpLabs\/snappy\/security\/advisories\/GHSA-gq6w-q6wh-jggc", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2020-10129", - "sourceIdentifier": "cret@cert.org", - "published": "2023-09-06T19:15:43.727", - "lastModified": "2023-11-07T03:14:06.587", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality." - }, - { - "lang": "es", - "value": "SearchBlox antes de la versión 9.2.1 es vulnerable a la escalada de privilegios: el usuario sin privilegios puede acceder a la funcionalidad de Administración.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.2.1", - "matchCriteriaId": "5D41ADDB-3434-439B-9BE0-A72BE913E22D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/developer.searchblox.com\/v9.2\/changelog\/version-91", - "source": "cret@cert.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2020-10130", - "sourceIdentifier": "cret@cert.org", - "published": "2023-09-06T19:15:43.847", - "lastModified": "2023-11-07T03:14:06.697", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system." - }, - { - "lang": "es", - "value": "SearchBlox antes de la versión 9.1 es vulnerable a la omisión de la lógica empresarial donde el usuario puede crear varios usuarios superadministradores en el sistema.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-639" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.1", - "matchCriteriaId": "D217B14E-5241-4ECC-BBC9-DE0C1E7845C5" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/developer.searchblox.com\/v9.2\/changelog\/version-91", - "source": "cret@cert.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2020-10131", - "sourceIdentifier": "cret@cert.org", - "published": "2023-09-06T19:15:43.913", - "lastModified": "2023-11-07T03:14:06.803", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in \"Featured Results\" parameter." - }, - { - "lang": "es", - "value": "SearchBlox antes de la versión 9.2.1 es vulnerable a la inyección de macros CSV en el parámetro \"Featured Results\".\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-1236" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.2.1", - "matchCriteriaId": "5D41ADDB-3434-439B-9BE0-A72BE913E22D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/developer.searchblox.com\/v9.2\/changelog\/version-921", - "source": "cret@cert.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2020-10132", - "sourceIdentifier": "cret@cert.org", - "published": "2023-09-06T19:15:43.987", - "lastModified": "2023-11-07T03:14:06.940", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "SearchBlox before Version 9.1 is vulnerable to cross-origin resource sharing misconfiguration." - }, - { - "lang": "es", - "value": "SearchBlox antes de la versión 9.1 es vulnerable a la configuración incorrecta del uso compartido de recursos entre orígenes.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.1", - "matchCriteriaId": "D217B14E-5241-4ECC-BBC9-DE0C1E7845C5" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/developer.searchblox.com\/v9.2\/changelog\/version-91", - "source": "cret@cert.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40591", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T19:15:44.100", - "lastModified": "2023-09-12T15:24:11.223", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix is included in geth version `1.12.1-stable`, i.e, `1.12.2-unstable` and onwards. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" - }, - { - "lang": "es", - "value": "go-ethereum (geth) es una implementación de la capa de ejecución golang del protocolo Ethereum. Se puede hacer que un nodo vulnerable consuma cantidades ilimitadas de memoria cuando se manejan mensajes p2p especialmente manipulados enviados desde un nodo atacante. La corrección se incluye en la versión de geth '1.12.1-stable', es decir, '1.12.2-unstable' y posteriores. Se recomienda a los usuarios que actualicen. No hay workarounds conocidas para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-400" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.10.0", - "versionEndExcluding": "1.12.1", - "matchCriteriaId": "0BB58DD3-06EB-4264-A101-4274CF19120E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/geth.ethereum.org\/docs\/developers\/geth-developer\/disclosures", - "source": "security-advisories@github.com", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/github.com\/ethereum\/go-ethereum\/releases\/tag\/v1.12.1", - "source": "security-advisories@github.com", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/github.com\/ethereum\/go-ethereum\/security\/advisories\/GHSA-ppjg-v974-84cm", - "source": "security-advisories@github.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41601", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-06T20:15:07.857", - "lastModified": "2023-09-11T18:03:19.453", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Multiple cross-site scripting (XSS) vulnerabilities in install\/index.php of CSZ CMS v1.3.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Database Username or Database Host parameters." - }, - { - "lang": "es", - "value": "Múltiples vulnerabilidades de Cross-Site Scripting (XSS) en install\/index.php de CSZ CMS v1.3.0 permiten a los atacantes ejecutar scripts web arbitrarias o HTML a través de un payload manipulado inyectado en los parámetros Nombre de usuario de base de datos o Host de base de datos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cszcms:csz_cms:1.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B83DE2F9-E5FF-4A78-A40C-AB8CFF373992" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/al3zx\/csz_cms_1_3_0_xss_in_install_page\/blob\/main\/README.md", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.cszcms.com\/", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4809", - "sourceIdentifier": "secteam@freebsd.org", - "published": "2023-09-06T20:15:08.080", - "lastModified": "2023-12-21T22:15:15.217", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a packet with multiple IPv6 fragment headers would unexpectedly be interpreted as a fragmented packet, rather than as whatever the real payload is.\n\n\n\n\nAs a result, IPv6 fragments may bypass pf firewall rules written on the assumption all fragments have been reassembled and, as a result, be forwarded or processed by the host.\n\n" - }, - { - "lang": "es", - "value": "En el procesamiento de paquetes pf con una regla 'scrub fragment reassemble', un paquete que contenga múltiples encabezados de fragmentos IPv6 se reensamblaría y luego se procesaría inmediatamente. Es decir, un paquete con múltiples encabezados de extensión de fragmentos no sería reconocido como el payload final correcto. En cambio, un paquete con múltiples encabezados de fragmentos IPv6 se interpretaría inesperadamente como un paquete fragmentado, en lugar de como cualquier payload real. Como resultado, los fragmentos de IPv6 pueden eludir las reglas del firewall escritas bajo el supuesto de que todos los fragmentos se han reensamblado y, como resultado, el host los reenvía o procesa." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - }, - { - "source": "secteam@freebsd.org", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-167" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", - "versionEndExcluding": "12.4", - "matchCriteriaId": "A7F6C8B0-9D75-476C-ADBA-754416FBC186" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.2", - "matchCriteriaId": "BA49E374-9F1A-4F62-B88D-CD36EDEA6060" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:*", - "matchCriteriaId": "24920B4D-96C0-401F-B679-BEB086760EAF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p1:*:*:*:*:*:*", - "matchCriteriaId": "3CE32730-A9F5-4E8D-BDA4-6B8232F84787" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p2:*:*:*:*:*:*", - "matchCriteriaId": "552E81DE-D409-475F-8ED0-E10A0BE43D29" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p3:*:*:*:*:*:*", - "matchCriteriaId": "251CAE22-C3E6-45AD-8301-F36BEE5C6860" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p4:*:*:*:*:*:*", - "matchCriteriaId": "85D94BCA-FA32-4C10-95CD-5D2A69B38A7A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1:*:*:*:*:*:*", - "matchCriteriaId": "BA821886-B26B-47A6-ABC9-B8F70CE0ACFB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2:*:*:*:*:*:*", - "matchCriteriaId": "220629AD-32CC-4303-86AE-1DD27F0E4C65" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*", - "matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*", - "matchCriteriaId": "2888B0C1-4D85-42EC-9696-03FAD0A9C28F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*", - "matchCriteriaId": "A3306F11-D3C0-41D6-BB5E-2ABDC3927715" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/08\/5", - "source": "secteam@freebsd.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/08\/6", - "source": "secteam@freebsd.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/08\/7", - "source": "secteam@freebsd.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/security.FreeBSD.org\/advisories\/FreeBSD-SA-23:10.pf.asc", - "source": "secteam@freebsd.org", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/security.netapp.com\/advisory\/ntap-20231221-0009\/", - "source": "secteam@freebsd.org" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-23623", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T21:15:08.977", - "lastModified": "2023-09-11T19:02:53.833", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. A Content-Security-Policy that disables eval, specifically setting a `script-src` directive and _not_ providing `unsafe-eval` in that directive, is not respected in renderers that have sandbox disabled. i.e. `sandbox: false` in the `webPreferences` object. This allows usage of methods like `eval()` and `new Function` unexpectedly which can result in an expanded attack surface. This issue only ever affected the 22 and 23 major versions of Electron and has been fixed in the latest versions of those release lines. Specifically, these versions contain the fixes: 22.0.1 and 23.0.0-alpha.2 We recommend all apps upgrade to the latest stable version of Electron. If upgrading isn't possible, this issue can be addressed without upgrading by enabling `sandbox: true` on all renderers." - }, - { - "lang": "es", - "value": "Electron es un framework que le permite escribir aplicaciones de escritorio multiplataforma utilizando JavaScript, HTML y CSS. Una política de seguridad de contenido que deshabilita la evaluación, específicamente estableciendo una directiva `script-src` y _no_ proporcionando `unsafe-eval` en esa directiva, no se respeta en los renderizadores que tienen la zona de pruebas deshabilitada. es decir, `sandbox: false` en el objeto `webPreferences`. Esto permite el uso inesperado de métodos como `eval()` y `new Function`, lo que puede resultar en una superficie de ataque ampliada. Este problema solo afectó a las versiones principales 22 y 23 de Electron y se solucionó en las últimas versiones de esas líneas de lanzamiento. Específicamente, estas versiones contienen las correcciones: 22.0.1 y 23.0.0-alpha.2. Recomendamos que todas las aplicaciones actualicen a la última versión estable de Electron. Si no es posible realizar la actualización, este problema se puede solucionar sin realizar la actualización habilitando `sandbox: true` en todos los renderizadores.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.6, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-670" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:-:*:*:*:node.js:*:*", - "matchCriteriaId": "EA67DC7F-0492-45A6-A585-C1F6BA8CB125" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta1:*:*:*:node.js:*:*", - "matchCriteriaId": "8313BBF8-2C7B-471E-B379-E8F587EB4F98" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta2:*:*:*:node.js:*:*", - "matchCriteriaId": "9B73F495-8C0E-409E-86AC-2FC1A214AA9F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta3:*:*:*:node.js:*:*", - "matchCriteriaId": "77E1E30F-0BAC-409B-B2D3-FF3B1FDCFE6A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta4:*:*:*:node.js:*:*", - "matchCriteriaId": "6C556804-A20C-4E9F-8F4D-8E824A0032D8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta5:*:*:*:node.js:*:*", - "matchCriteriaId": "F0995881-8E6C-4B2C-9F3A-F10668916039" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta6:*:*:*:node.js:*:*", - "matchCriteriaId": "EB9BD805-BAC9-425D-A590-28B0FB68C3F0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta7:*:*:*:node.js:*:*", - "matchCriteriaId": "197DA034-183C-4407-BD95-B610CBF980A9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:22.0.0:beta8:*:*:*:node.js:*:*", - "matchCriteriaId": "D14A589D-E6F7-4ED7-A123-C83633AC2004" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:23.0.0:alpha1:*:*:*:node.js:*:*", - "matchCriteriaId": "8074214C-1787-46B6-A5CC-8DF31BC269EF" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/electron\/electron\/security\/advisories\/GHSA-gxh7-wv9q-fwfr", - "source": "security-advisories@github.com", - "tags": [ - "Mitigation", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-29198", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T21:15:11.560", - "lastModified": "2023-09-11T18:58:07.770", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps using `contextIsolation` and `contextBridge` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. This issue is only exploitable if an API exposed to the main world via `contextBridge` can return an object or array that contains a javascript object which cannot be serialized, for instance, a canvas rendering context. This would normally result in an exception being thrown `Error: object could not be cloned`. The app side workaround is to ensure that such a case is not possible. Ensure all values returned from a function exposed over the context bridge are supported. This issue has been fixed in versions `25.0.0-alpha.2`, `24.0.1`, `23.2.3`, and `22.3.6`." - }, - { - "lang": "es", - "value": "Electron es un framework que le permite escribir aplicaciones de escritorio multiplataforma utilizando JavaScript, HTML y CSS. Las aplicaciones de Electron que usan `contextIsolation` y `contextBridge` se ven afectadas. Se trata de una omisión de aislamiento de contexto, lo que significa que el código que se ejecuta en el contexto mundial principal en el renderizador puede acceder al contexto aislado de Electron y realizar acciones privilegiadas. Este problema solo se puede explotar si una API expuesta al mundo principal a través de `contextBridge` puede devolver un objeto o matriz que contenga un objeto javascript que no se pueda serializar, por ejemplo, un contexto de representación de lienzo. Esto normalmente daría como resultado que se lanzara una excepción \"Error: el objeto no se pudo clonar\". El workaround del lado de la aplicación es garantizar que tal caso no sea posible. Asegúrese de que todos los valores devueltos por una función expuesta a través del puente de contexto sean compatibles. Este problema se solucionó en las versiones `25.0.0-alpha.2`, `24.0.1`, `23.2.3` y `22.3.6`." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 6.0 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-754" - } - ] - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-754" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:node.js:*:*", - "versionEndExcluding": "22.3.6", - "matchCriteriaId": "1C14CCD1-146F-4A22-B093-C9FEC8047E91" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:node.js:*:*", - "versionStartIncluding": "23.0.0", - "versionEndExcluding": "23.2.3", - "matchCriteriaId": "B080AD66-1912-4AD2-BE21-B69935B4F04D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:-:*:*:*:node.js:*:*", - "matchCriteriaId": "2635DE47-9315-4D0D-BA52-215D97A09BF3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:alpha1:*:*:*:node.js:*:*", - "matchCriteriaId": "800543E5-0E06-4E9B-A18D-9857524244D0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:alpha2:*:*:*:node.js:*:*", - "matchCriteriaId": "47E4540B-0EAE-41B8-878F-F22C3BDF0FE5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:alpha3:*:*:*:node.js:*:*", - "matchCriteriaId": "05448824-0FA1-41DF-938F-0FC5D82C9FE0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:alpha4:*:*:*:node.js:*:*", - "matchCriteriaId": "FDB7E385-A58F-4B91-B7EE-75475D65038C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:alpha5:*:*:*:node.js:*:*", - "matchCriteriaId": "2ADACB20-163D-4BE0-AFD9-D93A5D58A910" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:alpha6:*:*:*:node.js:*:*", - "matchCriteriaId": "8EEBC95D-093C-49BE-A309-DE544BCD698C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:alpha7:*:*:*:node.js:*:*", - "matchCriteriaId": "501BF9A9-4EC1-485F-953B-E129252FC9B2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:beta1:*:*:*:node.js:*:*", - "matchCriteriaId": "8F28A9E8-D1CD-476F-9BF7-F205B1FCDBC7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:beta2:*:*:*:node.js:*:*", - "matchCriteriaId": "19F9825C-3265-411E-96E0-1C470D4F6830" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:beta3:*:*:*:node.js:*:*", - "matchCriteriaId": "7CD55BDC-94ED-4ED8-905C-3AFBAB59AA63" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:beta4:*:*:*:node.js:*:*", - "matchCriteriaId": "E65B67F6-3AA6-4E7C-9290-C71A8CCB9A1A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:beta5:*:*:*:node.js:*:*", - "matchCriteriaId": "CC14A98C-9410-42A2-A71B-DC73C3855901" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:beta6:*:*:*:node.js:*:*", - "matchCriteriaId": "01B7E19C-F35A-4EAD-9640-926EE76E5FB0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:24.0.0:beta7:*:*:*:node.js:*:*", - "matchCriteriaId": "509E7716-E3DB-4ABF-820D-514DEE59F251" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:25.0.0:alpha1:*:*:*:node.js:*:*", - "matchCriteriaId": "4F2529F8-84AF-4F04-BD1A-3C4A2AF49B6A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/electron\/electron\/security\/advisories\/GHSA-p7v2-p9m8-qqg7", - "source": "security-advisories@github.com", - "tags": [ - "Mitigation", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.electronjs.org\/docs\/latest\/api\/context-bridge#parameter--error--return-type-support", - "source": "security-advisories@github.com", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38605", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T21:15:12.783", - "lastModified": "2023-12-22T16:22:47.960", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location." - }, - { - "lang": "es", - "value": "Este problema se solucionó mejorando la redacción de información sensible. Este problema se solucionó en macOS Ventura 13.5. Una aplicación puede determinar la ubicación actual de un usuario." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.7.8", - "matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", - "versionStartIncluding": "16.0", - "versionEndExcluding": "16.6", - "matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.7.8", - "matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionStartIncluding": "16.0", - "versionEndExcluding": "16.6", - "matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "12.6.8", - "matchCriteriaId": "470A3D9B-5DD1-4708-8291-F6DEDE5618E7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.5", - "matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213843", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213841", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213842", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213844", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38616", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T21:15:13.063", - "lastModified": "2023-09-12T12:57:45.157", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges." - }, - { - "lang": "es", - "value": "La condición de ejecución se gestionó con un mejor manejo del estado. Este problema se solucionó en macOS Ventura 13.5. Una aplicación puede ejecutar código arbitrario con privilegios de kernel." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:H\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.0, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-362" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "13.5", - "matchCriteriaId": "7FB2CB0B-A635-4057-98B8-AF71F9CB0171" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213843", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39956", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T21:15:13.217", - "lastModified": "2023-09-12T12:32:48.677", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps that are launched as command line executables are impacted. Specifically this issue can only be exploited if the following conditions are met: 1. The app is launched with an attacker-controlled working directory and 2. The attacker has the ability to write files to that working directory. This makes the risk quite low, in fact normally issues of this kind are considered outside of our threat model as similar to Chromium we exclude Physically Local Attacks but given the ability for this issue to bypass certain protections like ASAR Integrity it is being treated with higher importance. This issue has been fixed in versions:`26.0.0-beta.13`, `25.4.1`, `24.7.1`, `23.3.13`, and `22.3.19`. There are no app side workarounds, users must update to a patched version of Electron." - }, - { - "lang": "es", - "value": "\"Electron es un framework que le permite escribir aplicaciones de escritorio multiplataforma utilizando JavaScript, HTML y CSS. Las aplicaciones de Electron que se inician como ejecutables de línea de comandos se ven afectadas. Específicamente, este problema solo puede explotarse si se cumplen las siguientes condiciones: \n1. La aplicación se inicia con un directorio de trabajo controlado por el atacante y \n2. El atacante tiene la capacidad de escribir archivos en ese directorio de trabajo.\nEsto hace que el riesgo sea bastante bajo, de hecho, normalmente los problemas de este tipo se consideran fuera de nuestro modelo de amenaza, ya que son similares a Chromium y excluimos los ataques físicamente locales, pero dada la capacidad de este problema para eludir ciertas protecciones como la Integridad ASAR, se está tratando con niveles más altos de importancia. Este problema se solucionó en las versiones: `26.0.0-beta.13`, `25.4.1`, `24.7.1`, `23.3.13` y `22.3.19`. No existen workarounds en la aplicación, los usuarios deben actualizar a una versión parcheada de Electron.\"" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:H\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "availabilityImpact": "LOW", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 4.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:H\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "availabilityImpact": "LOW", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.3, - "impactScore": 4.7 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-94" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:node.js:*:*", - "versionEndExcluding": "22.3.9", - "matchCriteriaId": "876893B6-020E-4F0C-ADA8-0AAAFDFB3922" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:node.js:*:*", - "versionStartIncluding": "23.0.0", - "versionEndExcluding": "23.3.13", - "matchCriteriaId": "3C0714E9-9092-49C0-AD01-F56AF468BA49" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:node.js:*:*", - "versionStartIncluding": "24.0.0", - "versionEndExcluding": "24.7.1", - "matchCriteriaId": "95DEED4B-F4E0-486B-B46B-4397519235EC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:node.js:*:*", - "versionStartIncluding": "25.0.0", - "versionEndExcluding": "25.5.0", - "matchCriteriaId": "1BB069BB-C9A7-480C-A689-F83FC630534C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha1:*:*:*:node.js:*:*", - "matchCriteriaId": "39BCC6D5-834D-4883-B7B8-89F7E67BC61E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha2:*:*:*:node.js:*:*", - "matchCriteriaId": "EBEBCE23-C4FC-4EDC-BDC5-2FE8DB113EA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha3:*:*:*:node.js:*:*", - "matchCriteriaId": "84FBB241-6F29-49FD-897B-0A0DFDF884FC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha4:*:*:*:node.js:*:*", - "matchCriteriaId": "A88CA9F8-D261-4386-89FF-619F485DF6CD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha5:*:*:*:node.js:*:*", - "matchCriteriaId": "6C56F8DA-3DF0-41F0-AA2B-A6038F0F5C67" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha6:*:*:*:node.js:*:*", - "matchCriteriaId": "8BA72227-F2E5-47FA-9A0E-15A7A4427633" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha7:*:*:*:node.js:*:*", - "matchCriteriaId": "9EF46C92-82F7-4D80-BEA5-3E397E76EC53" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:alpha8:*:*:*:node.js:*:*", - "matchCriteriaId": "82F847A9-299A-4EF8-B132-538B25B3CC7E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta1:*:*:*:node.js:*:*", - "matchCriteriaId": "AF7D1848-6965-4C53-8034-1927E36F51A5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta10:*:*:*:node.js:*:*", - "matchCriteriaId": "513AF17A-CB29-4C15-831E-EA85A030CF69" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta11:*:*:*:node.js:*:*", - "matchCriteriaId": "1A6182B1-2B14-4AD8-AE84-234399E57EF4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta12:*:*:*:node.js:*:*", - "matchCriteriaId": "25D4C39D-27FA-4463-8673-7FA542EC984F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta2:*:*:*:node.js:*:*", - "matchCriteriaId": "F204551A-6B2F-4C48-83F7-35B948B63CBE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta3:*:*:*:node.js:*:*", - "matchCriteriaId": "821BAF73-8B32-4659-B85D-C9E04A5E3FFD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta4:*:*:*:node.js:*:*", - "matchCriteriaId": "2A8A2C17-34D3-4726-A8F3-F122496AE57B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta5:*:*:*:node.js:*:*", - "matchCriteriaId": "B4A630C6-9D54-4D96-9D49-D4CAAE9EA5FE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta6:*:*:*:node.js:*:*", - "matchCriteriaId": "F71F0038-5C57-498D-9FFB-804975C24C78" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta7:*:*:*:node.js:*:*", - "matchCriteriaId": "1DA4DBAF-F34B-4788-AD0D-03A03008FB47" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta8:*:*:*:node.js:*:*", - "matchCriteriaId": "A6082EF5-BFE1-43EA-BCE9-A7420B50085C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:electronjs:electron:26.0.0:beta9:*:*:*:node.js:*:*", - "matchCriteriaId": "D31FA398-54AE-4162-9A0B-5CC367DBBF63" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/electron\/electron\/security\/advisories\/GHSA-7x97-j373-85x5", - "source": "security-advisories@github.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39967", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T21:15:13.320", - "lastModified": "2023-09-13T12:42:37.057", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "WireMock is a tool for mocking HTTP services. When certain request URLs like “@127.0.0.1:1234\" are used in WireMock Studio configuration fields, the request might be forwarded to an arbitrary service reachable from WireMock’s instance. There are 3 identified potential attack vectors: via “TestRequester” functionality, webhooks and the proxy mode. As we can control HTTP Method, HTTP Headers, HTTP Data, it allows sending requests with the default level of credentials for the WireMock instance. The vendor has discontinued the affected Wiremock studio product and there will be no fix. Users are advised to find alternatives." - }, - { - "lang": "es", - "value": "WireMock es una herramienta para imitar servicios HTTP. Cuando ciertas URL de solicitud como \"@127.0.0.1:1234\" se utilizan en los campos de configuración de WireMock Studio, la solicitud podría reenviarse a un servicio arbitrario accesible desde la instancia de WireMock. Hay 3 posibles vectores de ataque identificados: a través de la funcionalidad \"TestRequester\", webhooks y el modo proxy. Como podemos controlar el método HTTP, los encabezados HTTP y los datos HTTP, permite enviar solicitudes con el nivel predeterminado de credenciales para la instancia de WireMock. El proveedor ha descontinuado el producto Wiremock Studio afectado y no habrá ningún parche. Se recomienda buscar alternativas." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 10.0, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 6.0 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 10.0, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-918" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:studio:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.32.0-17", - "matchCriteriaId": "94D6D047-97F7-4326-AAF8-09ACB980D549" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/wiremock\/wiremock\/security\/advisories\/GHSA-676j-xrv3-73vc", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40392", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T21:15:13.560", - "lastModified": "2023-12-22T15:18:01.370", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.5. An app may be able to read sensitive location information." - }, - { - "lang": "es", - "value": "Se solucionó un problema de privacidad mejorando la redacción de datos privados para las entradas de registro. Este problema se solucionó en macOS Ventura 13.5. Una aplicación puede leer información de ubicación confidencial." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-532" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.7.8", - "matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", - "versionStartIncluding": "16.0", - "versionEndExcluding": "16.6", - "matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.7.8", - "matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionStartIncluding": "16.0", - "versionEndExcluding": "16.6", - "matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "11.7.9", - "matchCriteriaId": "32C6C615-0E8E-458B-88C6-A8BF29D3DB69" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "12.0", - "versionEndExcluding": "12.6.8", - "matchCriteriaId": "5B763A1F-C183-4728-B593-67558FD9FC36" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "12.0.0", - "versionEndExcluding": "12.6.8", - "matchCriteriaId": "A47C992E-C336-403A-A534-E1A33C7338DE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.5", - "matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.apple.com\/en-us\/HT213843", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213841", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213842", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213844", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213845", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40397", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-06T21:15:13.850", - "lastModified": "2024-01-05T14:15:47.920", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution." - }, - { - "lang": "es", - "value": "El problema se solucionó mejorando las comprobaciones. Este problema se solucionó en macOS Ventura 13.5. Un atacante remoto puede ser capaz de provocar la ejecución arbitraria de código javascript." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "13.5", - "matchCriteriaId": "7FB2CB0B-A635-4057-98B8-AF71F9CB0171" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.40.5", - "matchCriteriaId": "8323D399-B803-4CE3-ABB4-DB6972FB22AC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.40.5", - "matchCriteriaId": "53249158-E300-4F0D-A16D-9C19701E2E05" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/11\/1", - "source": "product-security@apple.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/security.gentoo.org\/glsa\/202401-04", - "source": "product-security@apple.com" - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213843", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41053", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T21:15:14.137", - "lastModified": "2023-09-16T04:15:23.450", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been fixed in Redis 7.0.13 and 7.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Redis es una base de datos en memoria que persiste en el disco. Redis no identifica correctamente las claves a las que accede `SORT_RO` y, como resultado, puede otorgar a los usuarios que ejecutan este comando acceso a claves que no están autorizadas explícitamente por la configuración de ACL. El problema existe en Redis 7.0 o posterior y se solucionó en Redis 7.0.13 y 7.2.1. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", - "versionStartIncluding": "7.0", - "versionEndExcluding": "7.0.13", - "matchCriteriaId": "9E282AA9-8D85-45E2-8172-8E0812158236" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:redis:redis:7.2.0:-:*:*:*:*:*:*", - "matchCriteriaId": "22D9F44A-6BF8-41CD-8C01-9DC43C9AB7BB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:redis:redis:7.2.0:rc1:*:*:*:*:*:*", - "matchCriteriaId": "A6033CAF-9EB3-4B3A-8E9D-C75D961F15E5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:redis:redis:7.2.0:rc2:*:*:*:*:*:*", - "matchCriteriaId": "49A74653-1F7E-4052-ABC6-A9C17FB7F52C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:redis:redis:7.2.0:rc3:*:*:*:*:*:*", - "matchCriteriaId": "4FCB1A20-8C00-4C17-8E20-2329F51C60C5" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/redis\/redis\/commit\/9e505e6cd842338424e05883521ca1fb7d0f47f6", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/redis\/redis\/security\/advisories\/GHSA-q4jr-5p56-4xwc", - "source": "security-advisories@github.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/OLBPIUUD273UGRN2WAYHPVUAULY36QVL\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/UA4MSJ623BH6HP5UHSJD2FOTN3QM5DQS\/", - "source": "security-advisories@github.com" - }, - { - "url": "https:\/\/lists.fedoraproject.org\/archives\/list\/package-announce@lists.fedoraproject.org\/message\/YLYNYT52EHR63E7L7SHRTHEPUMAFFDLX\/", - "source": "security-advisories@github.com" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41327", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T21:15:14.323", - "lastModified": "2023-09-12T20:43:26.803", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "WireMock is a tool for mocking HTTP services. WireMock can be configured to only permit proxying (and therefore recording) to certain addresses. This is achieved via a list of allowed address rules and a list of denied address rules, where the allowed list is evaluated first. \n\nUntil WireMock Webhooks Extension 3.0.0-beta-15, the filtering of target addresses from the proxy mode DID NOT work for Webhooks, so the users were potentially vulnerable regardless of the `limitProxyTargets` settings. Via the WireMock webhooks configuration, POST requests from a webhook might be forwarded to an arbitrary service reachable from WireMock’s instance. For example, If someone is running the WireMock docker Container inside a private cluster, they can trigger internal POST requests against unsecured APIs or even against secure ones by passing a token, discovered using another exploit, via authentication headers. This issue has been addressed in versions 2.35.1 and 3.0.3 of wiremock. Wiremock studio has been discontinued and will not see a fix. Users unable to upgrade should use external firewall rules to define the list of permitted destinations." - }, - { - "lang": "es", - "value": "WireMock es una herramienta para imitar servicios HTTP. WireMock se puede configurar para permitir solo el proxy (y por lo tanto la grabación) en ciertas direcciones. Esto se logra mediante una lista de reglas de direcciones permitidas y una lista de reglas de direcciones denegadas, donde la lista permitida se evalúa primero. Hasta WireMock Webhooks Extension 3.0.0-beta-15, el filtrado de direcciones de destino desde el modo proxy NO funcionaba para Webhooks, por lo que los usuarios eran potencialmente vulnerables independientemente de la configuración de `limitProxyTargets`. A través de la configuración de los webhooks de WireMock, las solicitudes POST de un webhook pueden reenviarse a un servicio arbitrario accesible desde la instancia de WireMock. Por ejemplo, si alguien ejecuta el contenedor acoplable WireMock dentro de un clúster privado, puede activar solicitudes POST internas contra APIs no seguras o incluso contra APIs seguras pasando un token, descubierto mediante otro exploit, a través de encabezados de autenticación. Este problema se solucionó en las versiones 2.35.1 y 3.0.3 de wiremock. Wiremock Studio ha sido descontinuado y no se implementará un parche. Los usuarios que no puedan actualizar deben usar reglas de firewall externas para definir la lista de destinos permitidos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:L", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.5 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:L\/A:L", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 4.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.1, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-918" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:studio:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.32.0-17", - "matchCriteriaId": "94D6D047-97F7-4326-AAF8-09ACB980D549" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*", - "versionStartIncluding": "2.0.0", - "versionEndExcluding": "2.35.1", - "matchCriteriaId": "418B9CC0-59C9-4560-9E92-5C0B1D547916" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.0.0", - "versionEndExcluding": "3.0.3", - "matchCriteriaId": "5E2F15FC-7298-49C1-9C37-6B0AE0C5B272" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/wiremock\/wiremock\/releases\/tag\/3.0.0-beta-15", - "source": "security-advisories@github.com", - "tags": [ - "Release Notes" - ] - }, - { - "url": "https:\/\/github.com\/wiremock\/wiremock\/security\/advisories\/GHSA-hq8w-9w8w-pmx7", - "source": "security-advisories@github.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/wiremock.org\/docs\/configuration\/#preventing-proxying-to-and-recording-from-specific-target-addresses", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41329", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-06T21:15:14.517", - "lastModified": "2023-09-12T20:45:24.907", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "WireMock is a tool for mocking HTTP services. The proxy mode of WireMock, can be protected by the network restrictions configuration, as documented in Preventing proxying to and recording from specific target addresses. These restrictions can be configured using the domain names, and in such a case the configuration is vulnerable to the DNS rebinding attacks. A similar patch was applied in WireMock 3.0.0-beta-15 for the WireMock Webhook Extensions. The root cause of the attack is a defect in the logic which allows for a race condition triggered by a DNS server whose address expires in between the initial validation and the outbound network request that might go to a domain that was supposed to be prohibited. Control over a DNS service is required to exploit this attack, so it has high execution complexity and limited impact. This issue has been addressed in version 2.35.1 of wiremock-jre8 and wiremock-jre8-standalone, version 3.0.3 of wiremock and wiremock-standalone, version 2.6.1 of the python version of wiremock, and versions 2.35.1-1 and 3.0.3-1 of the wiremock\/wiremock Docker container. Users are advised to upgrade. Users unable to upgrade should either configure firewall rules to define the list of permitted destinations or to configure WireMock to use IP addresses instead of the domain names." - }, - { - "lang": "es", - "value": "WireMock es una herramienta para imitar servicios HTTP. El modo proxy de WireMock se puede proteger mediante la configuración de restricciones de red, como se documenta en Preventing proxying y la grabación desde direcciones de destino específicas. Estas restricciones se pueden configurar utilizando los nombres de dominio y, en tal caso, la configuración es vulnerable a los ataques de vinculación de DNS. Se aplicó un parche similar en WireMock 3.0.0-beta-15 para las extensiones WireMock Webhook. La causa principal del ataque es un defecto en la lógica que permite una condición de ejecución desencadenada por un servidor DNS cuya dirección expira entre la validación inicial y la solicitud de red saliente que podría ir a un dominio que se suponía estaba prohibido. Se requiere control sobre un servicio DNS para explotar este ataque, por lo que tiene una alta complejidad de ejecución y un impacto limitado. Este problema se solucionó en la versión 2.35.1 de wiremock-jre8 y wiremock-jre8-standalone, la versión 3.0.3 de wiremock y wiremock-standalone, la versión 2.6.1 de la versión Python de wiremock y las versiones 2.35.1-1 y 3.0.3-1 del contenedor Docker wiremock\/wiremock. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben configurar reglas de firewall para definir la lista de destinos permitidos o configurar WireMock para usar direcciones IP en lugar de nombres de dominio." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.7, - "impactScore": 5.9 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:A\/AC:H\/PR:H\/UI:N\/S:U\/C:L\/I:L\/A:L", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 3.9, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 0.5, - "impactScore": 3.4 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-290" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:python_wiremock:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.6.1", - "matchCriteriaId": "C996BA43-2702-4ECA-AB34-F6E7FA0811A2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:studio:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.32.0-17", - "matchCriteriaId": "94D6D047-97F7-4326-AAF8-09ACB980D549" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.35.1", - "matchCriteriaId": "C970946B-2D32-441B-B920-43B29BDB31AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.0.0", - "versionEndExcluding": "3.0.3", - "matchCriteriaId": "5E2F15FC-7298-49C1-9C37-6B0AE0C5B272" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:wiremock_docker:*:*:*:*:*:*:*:*", - "versionStartIncluding": "2.0.0", - "versionEndExcluding": "2.35.1-1", - "matchCriteriaId": "6D536C73-6C99-428A-9F41-A6452708B6D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:wiremock:wiremock_docker:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.0.0", - "versionEndExcluding": "3.0.3-1", - "matchCriteriaId": "6ED4EACC-77AA-476D-83C4-94F1646D0AEA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/wiremock\/wiremock\/security\/advisories\/GHSA-pmxq-pj47-j8j4", - "source": "security-advisories@github.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/wiremock.org\/docs\/configuration\/#preventing-proxying-to-and-recording-from-specific-target-addresses", - "source": "security-advisories@github.com", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4772", - "sourceIdentifier": "security@wordfence.com", - "published": "2023-09-07T02:15:08.033", - "lastModified": "2023-11-07T04:22:57.827", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'newsletter_form' shortcode in versions up to, and including, 7.8.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." - }, - { - "lang": "es", - "value": "El plugin Newsletter para WordPress es vulnerable a Cross-Site Scripting (XSS) almacenado a través del shortcode \"newsletter_form\" en versiones hasta, e incluyendo, la 7.8.9 debido a una insuficiente sanitización de entrada y escape de salida en atributos suministrados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.1, - "impactScore": 2.7 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "7.8.9", - "matchCriteriaId": "8C51C28A-2E44-4EB9-AE9A-767F9EBAB376" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/plugins.trac.wordpress.org\/browser\/newsletter\/tags\/7.8.9\/subscription\/subscription.php#L1653", - "source": "security@wordfence.com", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/plugins.trac.wordpress.org\/changeset\/2955097\/newsletter#file21", - "source": "security@wordfence.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/87da5300-1add-44fc-a3e0-e8912f946c84?source=cve", - "source": "security@wordfence.com", - "tags": [ - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4792", - "sourceIdentifier": "security@wordfence.com", - "published": "2023-09-07T02:15:08.163", - "lastModified": "2023-11-07T04:22:58.770", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The Duplicate Post Page Menu & Custom Post Type plugin for WordPress is vulnerable to unauthorized page and post duplication due to a missing capability check on the duplicate_ppmc_post_as_draft function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers with subscriber access or higher to duplicate posts and pages." - }, - { - "lang": "es", - "value": "El plugin Duplicate Post Page Menu & Custom Post Type para WordPress es vulnerable a la duplicación no autorizada de páginas y entradas debido a la falta de una comprobación de capacidad en la función \"duplicate_ppmc_post_as_draft\" en versiones hasta la 2.3.1 inclusive. Esto hace posible que atacantes autenticados con acceso a suscriptor o superior dupliquen entradas y páginas. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - } - ] - }, - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:inqsys:duplicate_post_page_menu_\\&_custom_post_type:*:*:*:*:*:wordpress:*:*", - "versionEndIncluding": "2.3.1", - "matchCriteriaId": "3CB05349-73A8-4C87-96BA-F390EF3EE437" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/plugins.trac.wordpress.org\/browser\/duplicate-post-page-menu-custom-post-type\/trunk\/duplicate-post-page-menu-cpt.php?rev=2871256#L383", - "source": "security@wordfence.com", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/plugins.trac.wordpress.org\/changeset?sfp_email=&sfph_mail=&reponame=&old=2963515%40duplicate-post-page-menu-custom-post-type&new=2963515%40duplicate-post-page-menu-custom-post-type&sfp_email=&sfph_mail=", - "source": "security@wordfence.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/d6bb08e8-9ef5-41db-a111-c377a5dfae77?source=cve", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34357", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T03:15:08.263", - "lastModified": "2023-09-12T11:59:33.197", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nSoar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account.\n\n\n\n" - }, - { - "lang": "es", - "value": "Soar Cloud Ltd. HR Portal dispone de un mecanismo de recuperación de contraseñas débil para contraseñas olvidadas. El enlace de restablecimiento de contraseña se envía a través del correo electrónico, y el enlace seguirá siendo válido después de que la contraseña haya sido restablecida y después de la fecha de caducidad prevista. Un atacante con acceso al historial del navegador o al enlace puede así utilizar la URL de nuevo para cambiar la contraseña con el fin de hacerse cargo de la cuenta. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-640" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:scshr:hr_portal:7.3.2023.0510:*:*:*:*:*:*:*", - "matchCriteriaId": "7B4925F6-A93D-405C-A152-3E6753255964" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:scshr:hr_portal:7.3.2023.0705:*:*:*:*:*:*:*", - "matchCriteriaId": "398FFD5F-CF3E-4159-A46D-F8D706A25F79" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7347-2653e-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38031", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T04:15:10.273", - "lastModified": "2023-09-12T20:45:43.417", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.\n\n\n\n" - }, - { - "lang": "es", - "value": "La función Adaptive Qos - Web History de ASUS RT-AC86U tiene un filtrado insuficiente de caracteres especiales. Un atacante remoto con privilegios de usuario normal puede aprovechar esta vulnerabilidad para realizar un ataque de inyección de comandos para ejecutar comandos arbitrarios, interrumpir el sistema o terminar servicios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, - { - "source": "twcert@cert.org.tw", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7348-56989-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38032", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T07:15:08.107", - "lastModified": "2023-09-12T20:46:03.037", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.\n\n\n\n" - }, - { - "lang": "es", - "value": "La función relacionada con la seguridad AiProtection de ASUS RT-AC86U no tiene suficiente filtrado de caracteres especiales. Un atacante remoto con privilegios de usuario normal puede aprovechar esta vulnerabilidad para realizar un ataque de inyección de comandos para ejecutar comandos arbitrarios, interrumpir el sistema o terminar servicios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7349-7f8cd-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-38033", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T07:15:08.297", - "lastModified": "2023-09-12T20:46:11.303", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.\n\n" - }, - { - "lang": "es", - "value": "La función heredada Statisctis en el Analizador de Tráfico no utilizado de ASUS RT-AC86U tiene un filtrado insuficiente de caracteres especiales. Un atacante remoto con privilegios de usuario normal puede aprovechar esta vulnerabilidad para realizar un ataque de inyección de comandos para ejecutar comandos arbitrarios, interrumpir el sistema o terminar servicios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7350-ded5e-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39236", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T07:15:08.440", - "lastModified": "2023-09-12T20:46:29.193", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.\n\n" - }, - { - "lang": "es", - "value": "La función de análisis Statistics en el Analizador de Tráfico ASUS RT-AC86U tiene un filtrado insuficiente de caracteres especiales. Un atacante remoto con privilegios de usuario normal puede aprovechar esta vulnerabilidad para realizar un ataque de inyección de comandos para ejecutar comandos arbitrarios, interrumpir el sistema o terminar servicios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - }, - { - "source": "twcert@cert.org.tw", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7351-ec8fe-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39237", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T07:15:08.537", - "lastModified": "2023-09-12T20:46:41.957", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.\n\n" - }, - { - "lang": "es", - "value": "La función de análisis Apps en el Analizador de Tráfico ASUS RT-AC86U tiene un filtrado insuficiente de caracteres especiales. Un atacante remoto con privilegios de usuario normal puede aprovechar esta vulnerabilidad para realizar un ataque de inyección de comandos para ejecutar comandos arbitrarios, interrumpir el sistema o terminar servicios." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7352-bad68-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4815", - "sourceIdentifier": "security@huntr.dev", - "published": "2023-09-07T07:15:08.747", - "lastModified": "2023-09-12T11:58:59.727", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Missing Authentication for Critical Function in GitHub repository answerdev\/answer prior to v1.1.3." - }, - { - "lang": "es", - "value": "Falta de Autenticación para la Función Crítica en el repositorio de GitHub answerdev\/answer antes de la versión 1.1.3." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ], - "cvssMetricV30": [ - { - "source": "security@huntr.dev", - "type": "Secondary", - "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "LOW", - "baseScore": 8.3, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.5 - } - ] - }, - "weaknesses": [ - { - "source": "security@huntr.dev", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-306" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:answer:answer:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.1.3", - "matchCriteriaId": "E54D63D0-16AA-42D4-93AA-0D09E0DE9700" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/answerdev\/answer\/commit\/e75142a55546e01d8904f59db228422561f51666", - "source": "security@huntr.dev", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/huntr.dev\/bounties\/4cd3eeb4-57c9-4af2-ad19-2166c9e0fd2c", - "source": "security@huntr.dev", - "tags": [ - "Exploit", - "Issue Tracking", - "Patch", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39238", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T08:15:07.533", - "lastModified": "2024-03-27T07:15:47.557", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" - }, - { - "lang": "es", - "value": "Se ha identificado una vulnerabilidad de cadena de formato en ASUS RT-AX56U V2. Esta vulnerabilidad se debe a la falta de validación de un valor específico dentro de su módulo set_iperf3_svr.cgi. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad sin privilegios para realizar la ejecución remota de código arbitrario, el funcionamiento arbitrario del sistema o interrumpir el servicio." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-134" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ax55_firmware:3.0.0.4.386_50460:*:*:*:*:*:*:*", - "matchCriteriaId": "55D08B1A-85B6-4501-8998-E308F7633DF9" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFFF5EF7-E4EC-4DA0-82B4-9996087B951F" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ax56u_v2_firmware:3.0.0.4.386_50460:*:*:*:*:*:*:*", - "matchCriteriaId": "7201F0D9-5111-414B-8756-3B36838193CD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7354-4e654-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39239", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T08:15:07.620", - "lastModified": "2024-03-27T08:15:37.867", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" - }, - { - "lang": "es", - "value": "Se identificó una vulnerabilidad de cadena de formato en la API de función general de ASUS RT-AX56U V2. Esta vulnerabilidad se debe a la falta de validación de un valor específico dentro de su módulo apply.cgi. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad sin privilegios para realizar la ejecución remota de código arbitrario, el funcionamiento arbitrario del sistema o interrumpir el servicio." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-134" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ax55_firmware:3.0.0.4.386_50460:*:*:*:*:*:*:*", - "matchCriteriaId": "55D08B1A-85B6-4501-8998-E308F7633DF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ax56u_v2_firmware:3.0.0.4.386_50460:*:*:*:*:*:*:*", - "matchCriteriaId": "7201F0D9-5111-414B-8756-3B36838193CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFFF5EF7-E4EC-4DA0-82B4-9996087B951F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/https:\/\/www.twcert.org.tw\/tw\/cp-132-7355-0ce8d-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39240", - "sourceIdentifier": "twcert@cert.org.tw", - "published": "2023-09-07T08:15:07.710", - "lastModified": "2024-03-27T07:15:48.047", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" - }, - { - "lang": "es", - "value": "Se identificó una vulnerabilidad de cadena de formato en la API de función de cliente iperf de ASUS RT-AX56U V2. Esta vulnerabilidad se debe a la falta de validación para un valor específico dentro de su módulo set_iperf3_cli.cgi. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad sin privilegios para realizar la ejecución remota de código arbitrario, el funcionamiento arbitrario del sistema o interrumpir el servicio." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "twcert@cert.org.tw", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-134" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ax55_firmware:3.0.0.4.386_50460:*:*:*:*:*:*:*", - "matchCriteriaId": "55D08B1A-85B6-4501-8998-E308F7633DF9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ax56u_v2_firmware:3.0.0.4.386_50460:*:*:*:*:*:*:*", - "matchCriteriaId": "7201F0D9-5111-414B-8756-3B36838193CD" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FFFF5EF7-E4EC-4DA0-82B4-9996087B951F" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", - "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.twcert.org.tw\/tw\/cp-132-7356-021bf-1.html", - "source": "twcert@cert.org.tw", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-40698", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.160", - "lastModified": "2023-11-07T03:38:38.247", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass  . An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment. " - }, - { - "lang": "es", - "value": "ColdFusion versión 2021 update 1 (y anteriores) y las versiones 2018.10 (y anteriores) se ven afectadas por una vulnerabilidad de uso de funciones inherentemente peligrosas que puede provocar una omisión de característica de seguridad (previsiblemente). Un atacante autenticado podría aprovechar esta vulnerabilidad para obtener acceso y manipular datos arbitrarios en el entorno." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.1, - "impactScore": 3.7 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.1, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-242" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2018", - "matchCriteriaId": "1280A922-1722-4AEC-9D84-275B6FC91C80" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:*", - "matchCriteriaId": "3B54B2B0-B1E1-4B4E-A529-D0BD3B5DEEF3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update1:*:*:*:*:*:*", - "matchCriteriaId": "EDB126BF-E09D-4E58-A39F-1190407D1CAB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update10:*:*:*:*:*:*", - "matchCriteriaId": "8DDD85DF-69A0-476F-8365-CD67C75CF0CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update2:*:*:*:*:*:*", - "matchCriteriaId": "59649177-81EE-43C3-BFA5-E56E65B486DF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update3:*:*:*:*:*:*", - "matchCriteriaId": "453B96ED-738A-4642-B461-C5216CF45CA3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update4:*:*:*:*:*:*", - "matchCriteriaId": "58D32489-627B-4E49-9329-8A3B8F8E4903" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update5:*:*:*:*:*:*", - "matchCriteriaId": "6D5860E1-D293-48FE-9796-058B78B2D571" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update6:*:*:*:*:*:*", - "matchCriteriaId": "9F9336CC-E38F-4BCB-83CD-805EC7FEF806" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update7:*:*:*:*:*:*", - "matchCriteriaId": "97964507-047A-4CC8-8D2B-0EA0C7F9BD50" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update8:*:*:*:*:*:*", - "matchCriteriaId": "82208628-F32A-4380-9B0F-DC8507E7701D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update9:*:*:*:*:*:*", - "matchCriteriaId": "1563CE5E-A4F7-40A4-A050-BB96E332D8DD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*", - "matchCriteriaId": "7A94B406-C011-4673-8C2B-0DD94D46CC4C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb21-75.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-40699", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.300", - "lastModified": "2023-09-12T11:56:32.567", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment. " - }, - { - "lang": "es", - "value": "ColdFusion versión 2021 update 1 (y anteriores) y las versiones 2018.10 (y anteriores) se ven afectadas por una vulnerabilidad de control de acceso incorrecta al comprobar los permisos en la ruta CFIDE. Un atacante autenticado podría aprovechar esta vulnerabilidad para obtener acceso y manipular datos arbitrarios en el entorno." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.1, - "impactScore": 3.7 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.4, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.1, - "impactScore": 3.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-284" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2018", - "matchCriteriaId": "1280A922-1722-4AEC-9D84-275B6FC91C80" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:*", - "matchCriteriaId": "3B54B2B0-B1E1-4B4E-A529-D0BD3B5DEEF3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update1:*:*:*:*:*:*", - "matchCriteriaId": "EDB126BF-E09D-4E58-A39F-1190407D1CAB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update10:*:*:*:*:*:*", - "matchCriteriaId": "8DDD85DF-69A0-476F-8365-CD67C75CF0CE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update2:*:*:*:*:*:*", - "matchCriteriaId": "59649177-81EE-43C3-BFA5-E56E65B486DF" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update3:*:*:*:*:*:*", - "matchCriteriaId": "453B96ED-738A-4642-B461-C5216CF45CA3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update4:*:*:*:*:*:*", - "matchCriteriaId": "58D32489-627B-4E49-9329-8A3B8F8E4903" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update5:*:*:*:*:*:*", - "matchCriteriaId": "6D5860E1-D293-48FE-9796-058B78B2D571" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update6:*:*:*:*:*:*", - "matchCriteriaId": "9F9336CC-E38F-4BCB-83CD-805EC7FEF806" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update7:*:*:*:*:*:*", - "matchCriteriaId": "97964507-047A-4CC8-8D2B-0EA0C7F9BD50" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update8:*:*:*:*:*:*", - "matchCriteriaId": "82208628-F32A-4380-9B0F-DC8507E7701D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update9:*:*:*:*:*:*", - "matchCriteriaId": "1563CE5E-A4F7-40A4-A050-BB96E332D8DD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*", - "matchCriteriaId": "7A94B406-C011-4673-8C2B-0DD94D46CC4C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb21-75.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-40723", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.393", - "lastModified": "2023-11-15T03:38:06.733", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 2020.013.20074 (y anteriores), 2020.001.30018 (y anteriores) y 2017.011.30188 (y anteriores) de Acrobat Reader DC están afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar esta vulnerabilidad para omitir mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionEndExcluding": "20.001.30020", - "matchCriteriaId": "22B4033C-15BF-4A03-8E73-A23359EC85EA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.0", - "versionEndExcluding": "20.001.30020", - "matchCriteriaId": "01E7E69D-19CC-4E96-B861-46E9365E97CD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", - "versionEndExcluding": "21.001.20135", - "matchCriteriaId": "B24ACA68-A029-45FA-9B56-AA1D31BC7486" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionEndExcluding": "17.011.30190", - "matchCriteriaId": "9ADAFEDA-2810-4B7C-9475-3B2BE8F70812" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "20.0", - "versionEndExcluding": "20.001.30020", - "matchCriteriaId": "1AEE9144-03DF-4BE9-92C2-605CDDD62C6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", - "versionEndExcluding": "21.001.20135", - "matchCriteriaId": "23FA6FFE-263D-447D-99B0-C3EE935EAABF" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb21-09.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-40790", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.507", - "lastModified": "2023-09-11T14:30:30.213", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 15.4.2 (y anteriores) de Adobe Premiere Pro se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.4.3", - "matchCriteriaId": "BBB0B918-2D63-45CD-B1F2-9660207DCD9F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "08C35A95-8F50-4A12-9809-8FE50F1AB75B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/premiere_pro\/apsb21-117.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-40791", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.597", - "lastModified": "2023-09-11T14:30:19.897", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 15.4.2 (y anteriores) de Adobe Premiere Pro se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.4.3", - "matchCriteriaId": "BBB0B918-2D63-45CD-B1F2-9660207DCD9F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "08C35A95-8F50-4A12-9809-8FE50F1AB75B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/premiere_pro\/apsb21-117.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-40795", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.683", - "lastModified": "2023-09-11T14:30:05.667", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 15.4.2 (y anteriores) de Adobe Premiere Pro se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar una lectura más allá del final de una estructura de memoria asignada. Un atacante podría aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.4.3", - "matchCriteriaId": "BBB0B918-2D63-45CD-B1F2-9660207DCD9F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "08C35A95-8F50-4A12-9809-8FE50F1AB75B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/premiere_pro\/apsb21-117.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-42265", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.777", - "lastModified": "2023-09-11T14:29:54.693", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 15.4.2 (y anteriores) de Adobe Premiere Pro se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.4.3", - "matchCriteriaId": "BBB0B918-2D63-45CD-B1F2-9660207DCD9F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "08C35A95-8F50-4A12-9809-8FE50F1AB75B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/premiere_pro\/apsb21-117.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-42734", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.883", - "lastModified": "2023-11-07T03:39:14.113", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Photoshop version 22.5.1  and earlier versions   are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Adobe Photoshop versión 22.5.1 y versiones anteriores (previsiblemente) están afectados por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para omitir mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*", - "versionEndIncluding": "22.5.1", - "matchCriteriaId": "EB5EE5D2-7CC5-4D1E-A18F-A37265904105" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/photoshop\/apsb21-109.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-43018", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:07.973", - "lastModified": "2023-09-12T14:15:24.477", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPG file." - }, - { - "lang": "es", - "value": "Las versiones 23.0.2 y 22.5.4 (y anteriores) de Adobe Photoshop están afectadas por una vulnerabilidad de escritura fuera de los límites que podría provocar la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, en el sentido de que una víctima debe abrir un archivo JPG malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.5.4", - "matchCriteriaId": "12091466-A5F1-49E9-8D3F-E19D64FE3AE2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:photoshop:*:*:*:*:*:*:*:*", - "versionStartIncluding": "23.0.0", - "versionEndExcluding": "23.0.2", - "matchCriteriaId": "24B3FCD4-4504-4DA9-936E-197D45BCA1CC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/photoshop\/apsb21-113.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-43027", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:08.057", - "lastModified": "2023-09-14T13:15:08.027", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects están afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar una lectura más allá del final de una estructura de memoria asignada. Un atacante podría aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-43751", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:08.140", - "lastModified": "2023-09-11T14:29:25.530", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 15.4.2 (y anteriores) de Adobe Premiere Pro se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.4.3", - "matchCriteriaId": "BBB0B918-2D63-45CD-B1F2-9660207DCD9F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "08C35A95-8F50-4A12-9809-8FE50F1AB75B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/premiere_pro\/apsb21-117.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-43753", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:08.230", - "lastModified": "2023-09-14T15:57:16.997", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Lightroom versions 4.4 (and earlier) are affected by a use-after-free vulnerability in the processing of parsing TIF files that could result in privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 4.4 (y anteriores) de Adobe Lightroom están afectadas por una vulnerabilidad de Use-After-Free en el procesamiento de archivos TIF que podría provocar una escalada de privilegios. La explotación de este problema requiere la interacción del usuario en el sentido de que una víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:lightroom:*:*:*:*:*:*:*:*", - "versionEndExcluding": "5.1", - "matchCriteriaId": "8E2E74BF-FEE5-4540-8D1B-F6CBD6C3EE5E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/lightroom\/apsb21-119.html", - "source": "psirt@adobe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44188", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T13:15:08.317", - "lastModified": "2023-09-11T14:28:55.657", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar una lectura más allá del final de una estructura de memoria asignada. Un atacante podría aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36635", - "sourceIdentifier": "psirt@fortinet.com", - "published": "2023-09-07T13:15:08.433", - "lastModified": "2023-11-07T04:16:39.410", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2\r\n7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API." - }, - { - "lang": "es", - "value": "Un control de acceso incorrecto en Fortinet FortiSwitchManager, versiones 7.2.0 a 7.2.2 y versiones 7.0.0 a 7.0.1, puede permitir que un usuario remoto autenticado con permisos de solo lectura modifique la configuración de la interfaz a través de la API." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "psirt@fortinet.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:L\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 4.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - }, - { - "source": "psirt@fortinet.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-284" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "331A1766-4EBA-4519-A8ED-E0DD68A187E9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2B73D78B-2270-45B7-854E-F985B8D88F3B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "469E9E1C-154C-41CB-AC83-FBE5E6FA83EB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2:*:*:*:*:*:*:*", - "matchCriteriaId": "959248C7-DC92-4968-87F9-2A2CDF84F7BE" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/fortiguard.com\/psirt\/FG-IR-22-174", - "source": "psirt@fortinet.com", - "tags": [ - "Not Applicable", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39420", - "sourceIdentifier": "cve-requests@bitdefender.com", - "published": "2023-09-07T13:15:08.517", - "lastModified": "2023-09-12T14:11:24.750", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an \"admin\" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Given that this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application." - }, - { - "lang": "es", - "value": "El componente RDPCore.dll tal como se usa en el motor de booking de IRM Next Generation, permite a un usuario remoto conectarse a los clientes con una cuenta \"admin\" y una contraseña correspondiente calculada diariamente por una rutina dentro del archivo DLL. Una vez realizada la ingeniería inversa, esta rutina puede ayudar a un atacante a generar la contraseña diaria y conectarse con los clientes de la aplicación. Dado que se trata de una cuenta administrativa, cualquier persona que inicie sesión en un deploy de cliente tiene acceso completo y sin restricciones a la aplicación." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, - { - "source": "cve-requests@bitdefender.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.9, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.1, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "cve-requests@bitdefender.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-798" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:resortdata:internet_reservation_module_next_generation:5.3.2.15:*:*:*:*:*:*:*", - "matchCriteriaId": "D9D4E8D4-6E26-4EEE-BFB6-FA4BB522808C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/bitdefender.com\/blog\/labs\/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained\/", - "source": "cve-requests@bitdefender.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39421", - "sourceIdentifier": "cve-requests@bitdefender.com", - "published": "2023-09-07T13:15:08.617", - "lastModified": "2023-09-12T00:08:23.007", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of hardcoded API keys for third-party services such as Twilio and Vonage. These keys allow unrestricted interaction with these services." - }, - { - "lang": "es", - "value": "El componente RDPWin.dll tal como se usa en el motor de reservas de IRM Next Generation incluye un conjunto de claves de API codificadas de forma rígida para servicios de terceros como Twilio y Vonage. Estas claves permiten una interacción sin restricciones con estos servicios.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.7, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.1, - "impactScore": 4.0 - }, - { - "source": "cve-requests@bitdefender.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.7, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.1, - "impactScore": 4.0 - } - ] - }, - "weaknesses": [ - { - "source": "cve-requests@bitdefender.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-798" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:resortdata:internet_reservation_module_next_generation:5.4.1.23:*:*:*:*:*:*:*", - "matchCriteriaId": "579767F6-293C-43C0-8ECF-CE14E7BE16A9" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/bitdefender.com\/blog\/labs\/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained", - "source": "cve-requests@bitdefender.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39422", - "sourceIdentifier": "cve-requests@bitdefender.com", - "published": "2023-09-07T13:15:08.710", - "lastModified": "2023-09-12T00:08:38.390", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The \/irmdata\/api\/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless." - }, - { - "lang": "es", - "value": "Los extremos \/irmdata\/api\/ endpoints expuestos por el motor de reservas de IRM Next Generation autentican las solicitudes mediante tokens HMAC. Sin embargo, estos tokens se exponen en un archivo JavaScript cargado en el lado del cliente, lo que hace que este mecanismo de seguridad adicional sea inútil. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "cve-requests@bitdefender.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 2.5 - } - ] - }, - "weaknesses": [ - { - "source": "cve-requests@bitdefender.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-798" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:resortdata:internet_reservation_module_next_generation:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BCCB65A-86A1-4C73-A33B-DE4E5B03F21F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/bitdefender.com\/blog\/labs\/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained", - "source": "cve-requests@bitdefender.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39423", - "sourceIdentifier": "cve-requests@bitdefender.com", - "published": "2023-09-07T13:15:08.837", - "lastModified": "2023-09-12T00:08:52.437", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The RDPData.dll file exposes the \/irmdata\/api\/common endpoint that handles session IDs,  among other features. By using a UNION SQL operator, an attacker can leak the sessions table, obtain the currently valid sessions and impersonate a currently logged-in user.\n" - }, - { - "lang": "es", - "value": "El archivo RDPData.dll expone el extremo \/irmdata\/api\/common endpoint que controla los identificadores de sesión, entre otras características. Mediante el uso de un operador UNION SQL, un atacante puede filtrar la tabla de sesiones, obtener las sesiones actualmente válidas y suplantar a un usuario que ha iniciado sesión actualmente. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 9.1, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.2 - }, - { - "source": "cve-requests@bitdefender.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 8.6, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 4.0 - } - ] - }, - "weaknesses": [ - { - "source": "cve-requests@bitdefender.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:resortdata:internet_reservation_module_next_generation:5.3.2.15:*:*:*:*:*:*:*", - "matchCriteriaId": "D9D4E8D4-6E26-4EEE-BFB6-FA4BB522808C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/bitdefender.com\/blog\/labs\/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained", - "source": "cve-requests@bitdefender.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39424", - "sourceIdentifier": "cve-requests@bitdefender.com", - "published": "2023-09-07T13:15:08.933", - "lastModified": "2023-09-12T00:09:32.553", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content (such as a web shell component) to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but can be paired with another vulnerability in the platform (CVE-2023-39420, which grants access to hardcoded credentials) to carry the attack without having assigned credentials. " - }, - { - "lang": "es", - "value": "Una vulnerabilidad en RDPngFileUpload.dll, como se usa en el sistema de reservas IRM Next Generation, permite a un atacante remoto cargar contenido arbitrario (como un componente de web shel) en la base de datos SQL y ejecutarlo con privilegios SYSTEM. Esta vulnerabilidad requiere que se aproveche la autenticación, pero puede combinarse con otra vulnerabilidad en la plataforma (CVE-2023-39420, que otorga acceso a credenciales codificadas) para llevar a cabo el ataque sin tener credenciales asignadas. \n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - }, - { - "source": "cve-requests@bitdefender.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.9, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.1, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-434" - } - ] - }, - { - "source": "cve-requests@bitdefender.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-74" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:resortdata:internet_reservation_module_next_generation:5.3.2.15:*:*:*:*:*:*:*", - "matchCriteriaId": "D9D4E8D4-6E26-4EEE-BFB6-FA4BB522808C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/bitdefender.com\/blog\/labs\/check-out-with-extra-charges-vulnerabilities-in-hotel-booking-engine-explained", - "source": "cve-requests@bitdefender.com", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-3747", - "sourceIdentifier": "cna@cloudflare.com", - "published": "2023-09-07T13:15:09.030", - "lastModified": "2023-09-13T19:29:34.330", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access to the device, could extend the maximum allowed disconnected time of WARP client granted by an override code by changing the date & time on the local device where WARP is running.\n\n" - }, - { - "lang": "es", - "value": "Los Administradores de Zero Trust tienen la capacidad de impedir que los usuarios finales deshabiliten WARP en sus dispositivos. Los administradores también pueden crear códigos de anulación para permitir que un dispositivo se desconecte temporalmente de WARP, sin embargo, debido a la falta de validación del lado del servidor, un atacante con acceso local al dispositivo podría extender el tiempo máximo permitido de desconexión del cliente WARP otorgado por un código de anulación cambiando la fecha y hora en el dispositivo local donde se ejecuta warp." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "cna@cloudflare.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-565" - } - ] - }, - { - "source": "cna@cloudflare.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-602" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cloudflare:warp:6.29:*:*:*:*:android:*:*", - "matchCriteriaId": "15EC36C6-3608-4105-A54E-1255B3BF8015" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/developers.cloudflare.com\/cloudflare-one\/connections\/connect-devices\/warp\/configure-warp\/warp-settings\/#retrieve-the-override-code", - "source": "cna@cloudflare.com", - "tags": [ - "Technical Description" - ] - }, - { - "url": "https:\/\/play.google.com\/store\/apps\/details?id=com.cloudflare.onedotonedotonedotone", - "source": "cna@cloudflare.com", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44189", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:07.843", - "lastModified": "2023-09-11T14:28:46.247", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44190", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:08.187", - "lastModified": "2023-09-11T14:28:38.023", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44191", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:08.383", - "lastModified": "2023-09-11T14:28:31.323", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44192", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:08.573", - "lastModified": "2023-09-11T14:28:19.747", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44193", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:08.750", - "lastModified": "2023-09-11T14:31:15.820", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44194", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:08.943", - "lastModified": "2023-09-11T14:30:57.757", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-44195", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:09.147", - "lastModified": "2023-09-11T14:30:39.200", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 22.0 (y anteriores) y 18.4.2 (y anteriores) de Adobe After Effects se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria sensible. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso.\n" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:L\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionEndIncluding": "18.4.2", - "matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", - "versionStartIncluding": "22.0", - "versionEndExcluding": "22.1.1", - "matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/after_effects\/apsb21-115.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30637", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:09.323", - "lastModified": "2023-09-09T03:42:43.520", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Adobe Illustrator versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores), están afectadas por una vulnerabilidad de escritura fuera de límites que podría resultar en una ejecución de código arbitrario en el contexto del usuario actual. Una explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30638", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:09.487", - "lastModified": "2023-09-09T03:42:36.757", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores) de Adobe Illustrator están afectadas por una vulnerabilidad de escritura fuera de los límites que podría dar lugar a la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30639", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:09.690", - "lastModified": "2023-09-09T03:42:18.143", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Adobe Illustrator versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores), están afectadas por una vulnerabilidad de escritura fuera de límites que podría resultar en una ejecución de código arbitrario en el contexto del usuario actual. Una explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30640", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:09.930", - "lastModified": "2023-09-09T03:42:12.063", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores) de Adobe Illustrator están afectadas por una vulnerabilidad de escritura fuera de los límites que podría dar lugar a la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30641", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:10.057", - "lastModified": "2023-09-09T03:41:57.330", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores) de Adobe Illustrator están afectadas por una vulnerabilidad de escritura fuera de los límites que podría dar lugar a la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30642", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:10.253", - "lastModified": "2023-09-09T03:41:38.137", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 26.0.2 y (y anteriores) y 25.4.5 (y anteriores) de Adobe Illustrator están afectadas por una vulnerabilidad de escritura fuera de los límites que podría dar lugar a la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30643", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:10.430", - "lastModified": "2023-09-09T03:41:29.023", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores) de Adobe Illustrator están afectadas por una vulnerabilidad de escritura fuera de los límites que podría dar lugar a la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "psirt@adobe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30644", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:10.707", - "lastModified": "2023-09-09T03:41:10.573", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Adobe Illustrator versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores), están afectadas por una vulnerabilidad de use-after-free que podría provocar la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-416" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30645", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:10.910", - "lastModified": "2023-09-09T03:40:59.990", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores) de Adobe Illustrator están afectadas por una vulnerabilidad de escritura fuera de los límites que podría dar lugar a la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-30646", - "sourceIdentifier": "psirt@adobe.com", - "published": "2023-09-07T14:15:11.183", - "lastModified": "2023-09-09T03:40:40.403", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." - }, - { - "lang": "es", - "value": "Las versiones 26.0.2 (y anteriores) y 25.4.5 (y anteriores) de Adobe Illustrator están afectadas por una vulnerabilidad de escritura fuera de los límites que podría dar lugar a la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@adobe.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionEndIncluding": "25.4.5", - "matchCriteriaId": "25E27770-27F5-4E91-94BD-C2091B3610F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*", - "versionStartIncluding": "26.0", - "versionEndIncluding": "26.0.2", - "matchCriteriaId": "77D1A8DD-C35A-440E-9403-9C8B93B4BDCA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/helpx.adobe.com\/security\/products\/illustrator\/apsb22-26.html", - "source": "psirt@adobe.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39711", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-07T15:15:07.697", - "lastModified": "2023-09-12T00:09:43.303", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section." - }, - { - "lang": "es", - "value": "Múltiples vulnerabilidades de Cross-Site Scripting (XSS) en Free and Open Source Inventory Management System v1.0 permiten a los atacantes ejecutar scripts web arbitrarios o HTML mediante la inyección de un payload manipulado en los parámetros Subtotal y Paidbill en la sección Agregar nueva." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:free_and_open_source_inventory_management_system_project:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "ED4E30A0-0847-427A-9B08-FB699FCC7958" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/gist.github.com\/Arajawat007\/1683f9640c0d62337e0bbe23569d1ea5#file-cve-2023-39711", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.sourcecodester.com\/", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.sourcecodester.com\/php\/16741\/free-and-open-source-inventory-management-system-php-source-code.html", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40942", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-07T15:15:07.767", - "lastModified": "2023-09-12T19:55:13.077", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url \/goform\/SetFirewallCfg." - }, - { - "lang": "es", - "value": "Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 se descubrió un desbordamiento de pila a través del parámetro 'firewall_value' en url \/goform\/SetFirewallCfg." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tendacn:ac9:3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "CA49FEFD-41B5-4038-883D-989AB85D6CF5" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tendacn:ac9_firmware:15.03.06.42_multi_td0:*:*:*:*:*:*:*", - "matchCriteriaId": "07B8F0DC-1319-4DA8-BAA9-2C6467607E4F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/GleamingEyes\/vul\/blob\/main\/tenda_ac9\/SetFirewallCfg.md", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30800", - "sourceIdentifier": "disclosure@vulncheck.com", - "published": "2023-09-07T16:15:07.670", - "lastModified": "2023-09-12T14:18:05.673", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.\n" - }, - { - "lang": "es", - "value": "El servidor web utilizado por MikroTik RouterOS versión 6 se ve afectado por un problema de corrupción de memoria. Un atacante remoto y no autenticado puede dañar la memoria de almacenamiento dinámico del servidor mediante el envío de una solicitud HTTP manipulada. Como resultado, la interfaz web se bloquea y se reinicia inmediatamente. El problema se solucionó en RouterOS 6.49.10 stable. RouterOS versión 7 no se ve afectado." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "disclosure@vulncheck.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - }, - { - "source": "disclosure@vulncheck.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:mikrotik:routeros:*:*:*:*:-:*:*:*", - "versionStartIncluding": "6.0", - "versionEndExcluding": "6.49.10", - "matchCriteriaId": "3C171D42-9A4F-43E0-BF7C-13A7FEC2F049" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/vulncheck.com\/advisories\/mikrotik-jsproxy-dos", - "source": "disclosure@vulncheck.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40060", - "sourceIdentifier": "psirt@solarwinds.com", - "published": "2023-09-07T16:15:08.227", - "lastModified": "2023-09-14T20:15:10.697", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor\/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. \n15.4.  SolarWinds found that the issue was not completely fixed in 15.4 Hotfix 1. " - }, - { - "lang": "es", - "value": "Se ha identificado una vulnerabilidad dentro de Serv-U 15.4 y 15.4 Hotfix 1 que, si se explota, permite a un actor eludir la autenticación multifactor\/de dos factores. El actor debe tener acceso de nivel de administrador a Serv-U para realizar esta acción. 15.4.  SolarWinds descubrió que el problema no se solucionó por completo en 15.4 Hotfix 1. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "psirt@solarwinds.com", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "psirt@solarwinds.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-284" - } - ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:solarwinds:serv-u:15.4.0:-:*:*:*:*:*:*", - "matchCriteriaId": "E5D87E13-3438-4299-80B2-A7C0746DBF51" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:solarwinds:serv-u:15.4.0:hotfix1:*:*:*:*:*:*", - "matchCriteriaId": "258C9475-8149-4889-BC71-69A6D6AAD23F" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.solarwinds.com\/SuccessCenter\/s\/article\/Serv-U-15-4-0-Hotfix-2?language=en_US", - "source": "psirt@solarwinds.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.solarwinds.com\/trust-center\/security-advisories\/CVE-2023-40060", - "source": "psirt@solarwinds.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41061", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-07T18:15:07.617", - "lastModified": "2023-09-12T13:10:46.907", - "vulnStatus": "Analyzed", - "cveTags": [], - "cisaExploitAdd": "2023-09-11", - "cisaActionDue": "2023-10-02", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability", - "descriptions": [ - { - "lang": "en", - "value": "A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." - }, - { - "lang": "es", - "value": "Se solucionó el problema de validación con una lógica mejorada. Este problema se solucionó en watchOS 9.6.2, iOS 16.6.1 y iPadOS 16.6.1. Un archivo adjunto creado con fines maliciosos puede provocar la ejecución de código arbitrario. Apple está al tanto de un informe de que este problema puede haber sido explotado activamente." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.6.1", - "matchCriteriaId": "D3489F6B-7E72-4E95-93EC-C61FA0597180" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "16.6.1", - "matchCriteriaId": "FF388164-D0B0-4777-B449-9D7A5817E37E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "9.6.2", - "matchCriteriaId": "8A7FC4C6-9666-4838-93FF-9FF427BD6CFE" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/seclists.org\/fulldisclosure\/2023\/Sep\/4", - "source": "product-security@apple.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "http:\/\/seclists.org\/fulldisclosure\/2023\/Sep\/5", - "source": "product-security@apple.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213905", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213907", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213905", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/kb\/HT213907", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41064", - "sourceIdentifier": "product-security@apple.com", - "published": "2023-09-07T18:15:07.727", - "lastModified": "2024-06-21T16:14:51.620", - "vulnStatus": "Analyzed", - "cveTags": [], - "cisaExploitAdd": "2023-09-11", - "cisaActionDue": "2023-10-02", - "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", - "cisaVulnerabilityName": "Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability", - "descriptions": [ - { - "lang": "en", - "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." - }, - { - "lang": "es", - "value": "Se solucionó un problema de Desbordamiento de Búfer de manejo de la memoria mejorada. Este problema se solucionó en macOS Monterey 12.6.9, macOS Big Sur 11.7.10, macOS Ventura 13.5.2, iOS 16.6.1 y iPadOS 16.6.1, iOS 15.7.9 y iPadOS 15.7.9. El procesamiento de una imagen creada con fines maliciosos puede provocar la ejecución de código arbitrario. Apple está al tanto de un informe de que este problema puede haber sido explotado activamente." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-120" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.7.9", - "matchCriteriaId": "705D9EAA-AD66-4C0A-A80B-1506EF3F7BBC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", - "versionStartIncluding": "16.0", - "versionEndExcluding": "16.6.1", - "matchCriteriaId": "73B55022-11DB-46AC-892A-8518C59CCCBD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionEndExcluding": "15.7.9", - "matchCriteriaId": "2CFC9457-0304-466D-9FCB-B4B4210C890E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", - "versionStartIncluding": "16.0", - "versionEndExcluding": "16.6.1", - "matchCriteriaId": "E8656DD3-C01A-404D-97B1-B2BB0361963F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "12.6.9", - "matchCriteriaId": "7EE27A3F-4069-4044-9825-2C842EA1F60D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "11.0", - "versionEndExcluding": "11.7.10", - "matchCriteriaId": "6D3C7EAA-5A53-49CB-A013-A407497A7A5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", - "versionStartIncluding": "13.0", - "versionEndExcluding": "13.5.2", - "matchCriteriaId": "5D9227AB-A342-45FA-8969-0A84C6DDD11E" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/www.openwall.com\/lists\/oss-security\/2023\/09\/21\/4", - "source": "product-security@apple.com", - "tags": [ - "Mailing List" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213905", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213906", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213913", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213914", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/support.apple.com\/en-us\/HT213915", - "source": "product-security@apple.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4528", - "sourceIdentifier": "cve@rapid7.com", - "published": "2023-09-07T18:15:07.797", - "lastModified": "2023-09-13T01:02:46.907", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface\n" - }, - { - "lang": "es", - "value": "La deserialización insegura en versiones del servidor JSCAPE MFT anteriores a 2023.1.9 (Windows, Linux y MacOS) permite a un atacante ejecutar código Java arbitrario (incluidos comandos del Sistema Operativo) a través de su interfaz de administración." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.2, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - }, - { - "source": "cve@rapid7.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:redwood:jscape_mft:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2023.1.9", - "matchCriteriaId": "7D2D80C9-825B-4938-86DD-EE7CA8B7B8A8" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.jscape.com\/blog\/binary-management-service-patch-cve-2023-4528", - "source": "cve@rapid7.com", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/www.rapid7.com\/blog\/post\/2023\/09\/07\/cve-2023-4528-java-deserialization-vulnerability-in-jscape-mft-fixed\/", - "source": "cve@rapid7.com", - "tags": [ - "Mitigation", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4685", - "sourceIdentifier": "ics-cert@hq.dhs.gov", - "published": "2023-09-07T18:15:07.883", - "lastModified": "2023-11-07T04:22:50.080", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code." - }, - { - "lang": "es", - "value": "CNCSoft-B versión 1.0.0.4 de Delta Electronics y DOPSoft versiones 4.0.0.82 y anteriores son vulnerables al desbordamiento del búfer de memoria, lo que podría permitir a un atacante ejecutar código arbitrario." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, - { - "source": "ics-cert@hq.dhs.gov", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:deltaww:cncsoft-b:*:*:*:*:*:*:*:*", - "versionEndIncluding": "1.0.0.2", - "matchCriteriaId": "ABBC3DB3-CF6E-4655-9592-9E272AEBCC27" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:deltaww:dopsoft:*:*:*:*:*:*:*:*", - "versionEndIncluding": "4.0.0.82", - "matchCriteriaId": "6CB5A83A-FE40-4CEA-9601-0040A6903759" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-157-01", - "source": "ics-cert@hq.dhs.gov", - "tags": [ - "Third Party Advisory", - "US Government Resource" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37798", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-07T19:15:47.510", - "lastModified": "2023-09-12T13:02:44.157", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la nueva función de creación de proyectos REDCap de Vanderbilt REDCap 13.1.35 permite a los atacantes ejecutar scripts web arbitrarios o HTML mediante la inyección de un payload manipulado en el parámetro \"project title\"." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*", - "versionEndIncluding": "13.1.35", - "matchCriteriaId": "40893ACC-652C-4691-8BEB-D3AFBBDE63FD" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/redcap.com", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "http:\/\/vanderbilt.com", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/www.cyderes.com\/blog\/cve-2023-37798-stored-cross-site-scripting-in-vanderbilt-redcap\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20193", - "sourceIdentifier": "ykramarz@cisco.com", - "published": "2023-09-07T20:15:07.473", - "lastModified": "2024-01-25T17:15:34.210", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en el router de servicio integrado (ESR) de Cisco ISE podría permitir a un atacante local autenticado leer, escribir o eliminar archivos arbitrarios en el sistema operativo subyacente y escalar sus privilegios a root. Para explotar esta vulnerabilidad, un atacante debe tener privilegios válidos a nivel de administrador en el dispositivo afectado. Esta vulnerabilidad se debe a una gestión inadecuada de privilegios en la consola ESR. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a un dispositivo afectado. Un ataque exitoso podría permitir al atacante elevar sus privilegios a root y leer, escribir o borrar archivos arbitrarios del sistema operativo subyacente del dispositivo afectado. Nota: El ESR no está habilitado por defecto y debe tener licencia. Para comprobar el estado de la ESR en la GUI de administración, seleccione Administración > Configuración > Protocolos > IPSec." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-78" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.7", - "matchCriteriaId": "DDE2869D-6E9E-4717-A8D4-9E3204889F14" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.0", - "versionEndIncluding": "3.3", - "matchCriteriaId": "84794EC3-65B5-43C0-9A74-A6226756CFA6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ise-priv-esc-KJLp2Aw", - "source": "ykramarz@cisco.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-20194", - "sourceIdentifier": "ykramarz@cisco.com", - "published": "2023-09-07T20:15:07.593", - "lastModified": "2024-01-25T17:15:34.337", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ERS API. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges beyond the sphere of their intended access level, which would allow them to obtain sensitive information from the underlying operating system. Note: The ERS is not enabled by default. To verify the status of the ERS API in the Admin GUI, choose Administration > Settings > API Settings > API Service Settings." - }, - { - "lang": "es", - "value": "Una vulnerabilidad en la API ERS de Cisco ISE podría permitir a un atacante remoto autenticado leer archivos arbitrarios en el sistema operativo subyacente de un dispositivo afectado. Para explotar esta vulnerabilidad, un atacante debe tener privilegios válidos a nivel de administrador en el dispositivo afectado. Esta vulnerabilidad se debe a una gestión inadecuada de privilegios en la API ERS. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a un dispositivo afectado. Un exploit exitoso podría permitir al atacante elevar sus privilegios más allá de la esfera de su nivel de acceso previsto, lo que le permitiría obtener información sensible del sistema operativo subyacente. Nota: El ERS no está habilitado por defecto. Para verificar el estado de la API ERS en la GUI Admin, seleccione Administración - Configuración - Configuración de API - Configuración del servicio de la API." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.2, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] - }, - { - "source": "ykramarz@cisco.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-268" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", - "versionEndIncluding": "2.7", - "matchCriteriaId": "DDE2869D-6E9E-4717-A8D4-9E3204889F14" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*", - "matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*", - "matchCriteriaId": "DA42E65A-7207-48B8-BE1B-0B352201BC09" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*", - "matchCriteriaId": "75DDAF38-4D5F-4EE4-A428-68D28FC0DA96" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*", - "matchCriteriaId": "C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*", - "matchCriteriaId": "2B3A267A-5FEA-426D-903E-BD3F4F94A1A4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*", - "matchCriteriaId": "B1B3207B-1B9C-41AA-8EF6-8478458462E7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*", - "matchCriteriaId": "C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*", - "matchCriteriaId": "EF4C5A58-D0AE-48D6-9757-18C1D5BE5070" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*", - "matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*", - "matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*", - "matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*", - "matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*", - "matchCriteriaId": "095F27EC-5713-4D4F-AD06-57D3DF068B90" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*", - "matchCriteriaId": "FEA5210C-E674-4C4B-9EB3-C681C70005B6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch7:*:*:*:*:*:*", - "matchCriteriaId": "C95F2367-A1A0-46B5-AFC0-9929FC899EE2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*", - "matchCriteriaId": "36722B6C-64A5-4D00-94E1-442878C37A35" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*", - "matchCriteriaId": "7EEEA06A-AD58-48D3-8975-B21A961985B3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch2:*:*:*:*:*:*", - "matchCriteriaId": "ED937BCD-60F7-4555-99D8-B6229214FA73" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ise-priv-esc-KJLp2Aw", - "source": "ykramarz@cisco.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41316", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-07T20:15:07.677", - "lastModified": "2023-09-13T14:36:54.837", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." - }, - { - "lang": "es", - "value": "Tolgee es una plataforma de localización de código abierto. Debido a la falta del campo de validación - Nombre de la Organización, el actor malicioso puede enviar correos electrónicos con código HTML inyectado a las víctimas. Los usuarios registrados pueden inyectar HTML en correos electrónicos no sanitizados desde la instancia de Tolgee a otros usuarios. Este HTML no sanitizado termina en correos electrónicos de invitación que aparecen como invitaciones de organizaciones legítimas. Los actores maliciosos pueden dirigir a los usuarios a sitios web maliciosos o ejecutar JavaScript en el contexto del navegador del usuario. Esta vulnerabilidad se ha solucionado en la versión 3.29.2. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:L\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.1, - "impactScore": 3.4 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-20" - }, - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:tolgee:tolgee:*:*:*:*:*:*:*:*", - "versionEndExcluding": "3.29.2", - "matchCriteriaId": "BCE2D82E-9E18-41BE-B995-A87D5BCF9356" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/tolgee\/tolgee-platform\/commit\/bab718b1c9b3e90327bfb10d27b9799996e5c35b", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/tolgee\/tolgee-platform\/security\/advisories\/GHSA-gx3w-rwh5-w5cg", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-30908", - "sourceIdentifier": "security-alert@hpe.com", - "published": "2023-09-07T22:15:07.500", - "lastModified": "2023-09-13T15:15:07.517", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A remote authentication bypass issue exists in a OneView API.\n\n" - }, - { - "lang": "es", - "value": "Existe un problema de omisión de autenticación remota en una API de OneView." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, - { - "source": "security-alert@hpe.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.60.05", - "matchCriteriaId": "951E6F0C-7E2A-4B71-810C-130B79FFC3E3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*", - "versionStartIncluding": "7.0", - "versionEndExcluding": "8.5", - "matchCriteriaId": "73DAA8E6-8BA9-4EB3-BD06-1E2F8DF5D9DF" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/support.hpe.com\/hpesc\/public\/docDisplay?docLocale=en_US&docId=hpesbgn04530en_us", - "source": "security-alert@hpe.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41161", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-07T22:15:07.793", - "lastModified": "2023-09-19T01:20:50.880", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the key comment to different pages such as public key details, Export key, sign key, send to key server page, and fetch from key server page tab." - }, - { - "lang": "es", - "value": "Múltiples vulnerabilidades de Cross-Site Scripting (XSS) almacenadas en Usermin 2.000 permite a atacantes remotos inyectar script web o HTML arbitrarios mediante a través del comentario de la clave a diferentes páginas, como detalles de la clave pública, Exportar clave, Firmar clave, Enviar a la página del servidor de claves y Obtener de la pestaña de la página del servidor de claves." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.3, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:webmin:usermin:2.000:*:*:*:*:*:*:*", - "matchCriteriaId": "ED13897E-B6FB-4976-9037-2136FDFE1A50" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/shindeanik\/Usermin-2.000\/blob\/main\/CVE-2023-41161", - "source": "cve@mitre.org", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/webmin.com\/tags\/webmin-changelog\/", - "source": "cve@mitre.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41646", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-07T22:15:07.857", - "lastModified": "2023-09-12T20:02:24.610", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file \/vaults.json\/" - }, - { - "lang": "es", - "value": "Buttercup v2.20.3 permite a los atacantes obtener el hash de la contraseña maestra para el gestor de contraseñas mediante el acceso al archivo \"\/vaults.json\/\". " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-916" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:perrymitchell:buttercup:2.20.3:*:*:*:*:*:*:*", - "matchCriteriaId": "F9A458D4-031D-4B46-8C1C-F2D1EFE8D449" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/buttercup.pw\/", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-41646\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40029", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-07T23:15:09.763", - "lastModified": "2023-10-27T14:31:09.933", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD \/ kubectl apply. As a result, the full secret body is stored in`kubectl.kubernetes.io\/last-applied-configuration` annotation. pull request #7139 introduced the ability to manage cluster labels and annotations. Since clusters are stored as secrets it also exposes the `kubectl.kubernetes.io\/last-applied-configuration` annotation which includes full secret body. In order to view the cluster annotations via the Argo CD API, the user must have `clusters, get` RBAC access. **Note:** In many cases, cluster secrets do not contain any actually-secret information. But sometimes, as in bearer-token auth, the contents might be very sensitive. The bug has been patched in versions 2.8.3, 2.7.14, and 2.6.15. Users are advised to upgrade. Users unable to upgrade should update\/deploy cluster secret with `server-side-apply` flag which does not use or rely on `kubectl.kubernetes.io\/last-applied-configuration` annotation. Note: annotation for existing secrets will require manual removal.\n\n" - }, - { - "lang": "es", - "value": "Argo CD es una implementación continua declarativa para Kubernetes. Los secretos de Argo CD Cluster se pueden administrar de forma declarativa utilizando Argo CD \/ kubectl apply. Como resultado, el secret body completo se almacena en la anotación `kubectl.kubernetes.io\/last-applied-configuration`. La solicitud de extracción #7139 introdujo la capacidad de administrar etiquetas y anotaciones del clúster. Dado que los clústeres se almacenan como secretos, también expone la anotación `kubectl.kubernetes.io\/last-applied-configuration` que incluye el secret body completo. Para ver las anotaciones del clúster a través de la API de Argo CD, el usuario debe tener acceso RBAC \"clusters, get\". **Nota:** En muchos casos, los secretos del clúster no contienen ninguna información realmente secreta. Pero a veces, como en la autenticación de token de portador, el contenido puede ser muy sensible. El error se corrigió en las versiones 2.8.3, 2.7.14 y 2.6.15. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben actualizar\/implementar el secreto del clúster con el indicador `server-side-apply` que no utiliza ni depende de la anotación `kubectl.kubernetes.io\/last-applied-configuration`. Nota: la anotación de secretos existentes requerirá eliminación manual." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 9.6, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.1, - "impactScore": 5.8 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:H\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "LOW", - "baseScore": 9.9, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.1, - "impactScore": 6.0 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-532" - } - ] - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-200" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*", - "versionStartIncluding": "2.2.0", - "versionEndExcluding": "2.6.15", - "matchCriteriaId": "58CD5BCA-BEB8-4FD1-A0A7-79C77BB9D3FB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*", - "versionStartIncluding": "2.7.0", - "versionEndExcluding": "2.7.14", - "matchCriteriaId": "C6C6D955-4989-4E0A-A8FF-96B580EB0328" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*", - "versionStartIncluding": "2.8.0", - "versionEndExcluding": "2.8.3", - "matchCriteriaId": "DDAB88E7-A10B-4437-9FAE-8BBA6AB1689C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/argoproj\/argo-cd\/commit\/4b2e5b06bff2ffd8ed1970654ddd8e55fc4a41c4", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/argoproj\/argo-cd\/pull\/7139", - "source": "security-advisories@github.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/github.com\/argoproj\/argo-cd\/security\/advisories\/GHSA-fwr2-64vr-xv9m", - "source": "security-advisories@github.com", - "tags": [ - "Exploit", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40584", - "sourceIdentifier": "security-advisories@github.com", - "published": "2023-09-07T23:15:10.240", - "lastModified": "2023-09-13T14:47:24.317", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Argo CD is a declarative continuous deployment for Kubernetes. All versions of ArgoCD starting from v2.4 have a bug where the ArgoCD repo-server component is vulnerable to a Denial-of-Service attack vector. Specifically, the said component extracts a user-controlled tar.gz file without validating the size of its inner files. As a result, a malicious, low-privileged user can send a malicious tar.gz file that exploits this vulnerability to the repo-server, thereby harming the system's functionality and availability. Additionally, the repo-server is susceptible to another vulnerability due to the fact that it does not check the extracted file permissions before attempting to delete them. Consequently, an attacker can craft a malicious tar.gz archive in a way that prevents the deletion of its inner files when the manifest generation process is completed. A patch for this vulnerability has been released in versions 2.6.15, 2.7.14, and 2.8.3. Users are advised to upgrade. The only way to completely resolve the issue is to upgrade, however users unable to upgrade should configure RBAC (Role-Based Access Control) and provide access for configuring applications only to a limited number of administrators. These administrators should utilize trusted and verified Helm charts." - }, - { - "lang": "es", - "value": "Argo CD es una implementación continua declarativa para Kubernetes. Todas las versiones de ArgoCD a partir de la v2.4 tienen un error por el cual el componente del servidor de repositorio de ArgoCD es vulnerable a un vector de ataque de denegación de servicio. Específicamente, dicho componente extrae un archivo tar.gz controlado por el usuario sin validar el tamaño de sus archivos internos. Como resultado, un usuario malicioso y con pocos privilegios puede enviar un archivo tar.gz malicioso que aproveche esta vulnerabilidad al servidor de repositorio, dañando así la funcionalidad y disponibilidad del sistema. Además, el servidor del repositorio es susceptible a otra vulnerabilidad debido a que no verifica los permisos de los archivos extraídos antes de intentar eliminarlos. En consecuencia, un atacante puede crear un archivo tar.gz malicioso de manera que impida la eliminación de sus archivos internos cuando se completa el proceso de generación del manifiesto. Se lanzó un parche para esta vulnerabilidad en las versiones 2.6.15, 2.7.14 y 2.8.3. Se recomienda a los usuarios que actualicen. La única forma de resolver completamente el problema es actualizar; sin embargo, los usuarios que no puedan actualizar deben configurar RBAC (Control de Acceso Basado en Roles) y brindar acceso para configurar aplicaciones solo a un número limitado de administradores. Estos administradores deben utilizar gráficos Helm confiables y verificados." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - }, - { - "source": "security-advisories@github.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "security-advisories@github.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-400" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*", - "versionStartIncluding": "2.4.0", - "versionEndExcluding": "2.6.15", - "matchCriteriaId": "E532345C-5361-4BCE-8821-D9A8FC144D17" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*", - "versionStartIncluding": "2.7.0", - "versionEndExcluding": "2.7.14", - "matchCriteriaId": "C6C6D955-4989-4E0A-A8FF-96B580EB0328" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*", - "versionStartIncluding": "2.8.0", - "versionEndExcluding": "2.8.3", - "matchCriteriaId": "DDAB88E7-A10B-4437-9FAE-8BBA6AB1689C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/argoproj\/argo-cd\/commit\/b8f92c4ff226346624f43de3f25d81dac6386674", - "source": "security-advisories@github.com", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/argoproj\/argo-cd\/security\/advisories\/GHSA-g687-f2gx-6wm8", - "source": "security-advisories@github.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-33834", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T02:15:07.503", - "lastModified": "2023-09-13T02:12:12.100", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash." - }, - { - "lang": "es", - "value": "Se descubrió un problema en iscflashx64.sys 3.9.3.0 en Insyde H2OFFT 6.20.00. Cuando se gestiona IOCTL 0x22229a, la entrada utilizada para asignar el búfer y copiar memoria se maneja incorrectamente. Esto podría causar daños en la memoria o un bloqueo del sistema." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.1, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.2 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:insyde:h2offt:6.20.00:*:*:*:*:*:*:*", - "matchCriteriaId": "F6D12E08-642C-4101-AEE5-08891977CE27" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:insyde:iscflashx64.sys:3.9.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "043174B7-0F25-47D3-807F-21D76356B83D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.insyde.com\/security-pledge", - "source": "cve@mitre.org", - "tags": [ - "Not Applicable" - ] - }, - { - "url": "https:\/\/www.insyde.com\/security-pledge\/SA-2021004", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-45811", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T02:15:07.877", - "lastModified": "2023-09-18T18:55:34.450", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "A SQL injection vulnerability in the \"Search\" functionality of \"tickets.php\" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the \"keywords\" and \"topic_id\" URL parameters combination." - }, - { - "lang": "es", - "value": "Una vulnerabilidad de inyección SQL en la funcionalidad \"Search\" de la página \"tickets.php\" en osTicket v1.15.x permite a atacantes autenticados ejecutar comandos SQL arbitrarios a través de la combinación de parámetros URL \"keywords\" y \"topic_id\". " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:enhancesoft:osticket:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.15", - "versionEndIncluding": "1.15.8", - "matchCriteriaId": "763E683C-D2EC-4E03-9362-23CA5F34E9C6" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/enhancesoft.com", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "http:\/\/osticket.com", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/members.backbox.org\/osticket-sql-injection\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2022-27599", - "sourceIdentifier": "security@qnapsecurity.com.tw", - "published": "2023-09-08T02:15:07.940", - "lastModified": "2023-09-13T00:50:41.980", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors.\n\nWe have already fixed the vulnerability in the following version:\nWindows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later\n" - }, - { - "lang": "es", - "value": "Se ha informado que una inserción de información confidencial en la vulnerabilidad del archivo de Log afecta al producto. Si se explota, la vulnerabilidad posiblemente proporcione a los administradores locales autenticados una ruta adicional menos protegida para adquirir la información a través de vectores no especificados. Ya se ha corregido la vulnerabilidad en las siguientes versiones: Windows 10 SP1, Windows 11, Mac OS y Mac M1: QVR Pro Client 2.3.0.0420 y posteriores" - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 3.6 - }, - { - "source": "security@qnapsecurity.com.tw", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-532" - } - ] - }, - { - "source": "security@qnapsecurity.com.tw", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-532" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:qnap:qvr_pro_client:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2.3.0.0420", - "matchCriteriaId": "19A4AB6D-6D5B-48B7-B9C1-E05873616197" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qnap.com\/en\/security-advisory\/qsa-23-08", - "source": "security@qnapsecurity.com.tw", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-36184", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T02:15:08.080", - "lastModified": "2023-11-07T04:16:24.190", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "CMysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component \/spec\/openrpc.json." - }, - { - "lang": "es", - "value": "Se descubrió que CMysten Labs Sui blockchain v1.2.0 contiene un desbordamiento de pila a través del componente \"\/spec\/openrpc.json\"." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-787" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:aptosfoundation:aptos:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.4.3", - "matchCriteriaId": "23231A97-68C3-43D6-AC2C-C2B45D157B44" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:move_project:move:-:*:*:*:*:*:*:*", - "matchCriteriaId": "907819DB-84CC-4F4B-9504-E98983DADE0E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:mystenlabs:sui:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.2.1", - "matchCriteriaId": "8DE411CA-D1E1-4C94-808E-C37F3BF4ECEB" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/MystenLabs\/sui\/commit\/8b681515c0cf435df2a54198a28ab4ef574d202b", - "source": "cve@mitre.org", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/aptos-labs\/aptos-core\/commit\/47a0391c612407fe0b1051ef658a29e35d986963", - "source": "cve@mitre.org", - "tags": [ - "Patch" - ] - }, - { - "url": "https:\/\/github.com\/move-language\/move\/issues\/1059", - "source": "cve@mitre.org", - "tags": [ - "Issue Tracking", - "Patch" - ] - }, - { - "url": "https:\/\/medium.com\/%40Beosin_com\/critical-vulnerability-in-move-vm-can-cause-total-network-shutdown-and-potential-hard-fork-in-sui-49d0d942801c", - "source": "cve@mitre.org" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40271", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T02:15:08.133", - "lastModified": "2023-09-13T02:27:16.427", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8." - }, - { - "lang": "es", - "value": "En Trusted Firmware-M hasta TF-Mv1.8.0, para plataformas que integran el acelerador CryptoCell, cuando se selecciona la Interfaz del software CryptoCell PSA Driver y se utiliza el algoritmo Cifrado Autenticado con Datos Asociados Chacha20-Poly1305, con la verificación de una función single-part (definida durante la fase de configuración en tiempo de compilación) implementada con una función dedicada (es decir, que no depende del uso de funciones multipart), la comparación del búfer de meoria durante la verificación de la etiqueta de autenticación no ocurre en los 16 bytes completos sino solo en los primeros 4 bytes, lo que genera la posibilidad de que los payloads no autenticados puedan identificarse como auténticas. Esto afecta a TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0 y TF-Mv1.8." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-697" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:arm:trusted_firmware-m:1.6.0:*:*:*:*:*:*:*", - "matchCriteriaId": "9F60A1CE-5C19-4996-BA41-E56EA2C1916C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:arm:trusted_firmware-m:1.6.1:*:*:*:*:*:*:*", - "matchCriteriaId": "CD608A87-1120-4D73-9449-36510BB33A6B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:arm:trusted_firmware-m:1.7.0:*:*:*:*:*:*:*", - "matchCriteriaId": "A3BAE3BF-5B14-4348-A91A-1556067425E7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:arm:trusted_firmware-m:1.8.0:*:*:*:*:*:*:*", - "matchCriteriaId": "947E609C-2B59-4114-ACBE-ED3ECEC61D34" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/git.trustedfirmware.org\/TF-M\/trusted-firmware-m.git\/tree\/docs\/security\/security_advisories\/cc3xx_partial_tag_compare_on_chacha20_poly1305.rst", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Mitigation", - "Technical Description", - "Vendor Advisory" - ] - }, - { - "url": "https:\/\/tf-m-user-guide.trustedfirmware.org\/releases\/index.html", - "source": "cve@mitre.org", - "tags": [ - "Release Notes" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2014-5329", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-08T03:15:07.387", - "lastModified": "2023-09-14T16:12:01.977", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80\/tcp and 443\/tcp for user operation, and 8001\/tcp for administrative operation.\r\n8001\/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition." - }, - { - "lang": "es", - "value": "Los servidores de archivos GIGAPOD (modelo de Dispositivo y modelo de Software) proporcionan dos interfaces web, 80\/tcp y 443\/tcp para la operación del usuario, y 8001\/tcp para la operación administrativa. 8001\/tcp es servido por una versión del servidor Apache HTTP que contiene un error en el manejo de solicitudes HTTP (CVE-2011-3192), que puede conducir a una condición de Denegación de Servicio (DoS)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tripodworks:gigapod_officehard_firmware:*:*:*:*:*:*:*:*", - "versionEndIncluding": "3.04.03", - "matchCriteriaId": "AB7A1124-19E8-41C7-AC57-2DBCC5D16D86" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tripodworks:gigapod_officehard:-:*:*:*:*:*:*:*", - "matchCriteriaId": "7AC5BBBD-0779-43CC-A0F6-9BA62B331691" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tripodworks:gigapod_2010_firmware:*:*:*:*:*:*:*:*", - "versionEndIncluding": "3.01.02", - "matchCriteriaId": "49F0663C-C397-4788-836E-0EB810270EA9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tripodworks:gigapod_2010:-:*:*:*:*:*:*:*", - "matchCriteriaId": "03E7B57D-B3FB-4E60-9B0A-C6D6FDE4BC54" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:tripodworks:gigapod_3_firmware:*:*:*:*:*:*:*:*", - "versionEndIncluding": "3.01.02", - "matchCriteriaId": "DFA2BF10-37C5-4B86-8572-ABB87AF6018B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:tripodworks:gigapod_3:-:*:*:*:*:*:*:*", - "matchCriteriaId": "2BD9132E-0CB0-4F39-A156-35FE958A6129" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN23809730\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2021-27715", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:07.823", - "lastModified": "2023-09-12T20:19:26.247", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request." - }, - { - "lang": "es", - "value": "Se descubrió un problema en MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052, que permite a los atacantes omitir la autenticación y ejecutar código arbitrario a través de una petición HTTP manipulada." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-287" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:mofinetwork:mofi4500-4gxelte-v2:-:*:*:*:*:*:*:*", - "matchCriteriaId": "FD1B5A49-821C-4192-84B3-46201EEED36D" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:mofinetwork:mofi4500-4gxelte-v2_firmware:3.5.6-xnet-5052:*:*:*:*:*:*:*", - "matchCriteriaId": "07AEC844-FE9B-49CF-A748-07B67AF837BC" - } - ] - } - ] - } - ], - "references": [ - { - "url": "http:\/\/mofi.com", - "source": "cve@mitre.org", - "tags": [ - "Not Applicable" - ] - }, - { - "url": "https:\/\/www.nagarro.com\/services\/security\/mofi-cve-security-advisory", - "source": "cve@mitre.org", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37367", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.330", - "lastModified": "2023-09-13T02:31:36.017", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages." - }, - { - "lang": "es", - "value": "Se descubrió un problema en el Procesador Móvil Samsung Exynos, el Procesador Automotive y el Módem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300 y Exynos Auto T5123. En la tarea NAS, una comprobación de seguridad implementada incorrectamente para el estándar puede no permitir los servicios deseados durante un tiempo a través de mensajes NAS consecutivos." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, - { - "source": "cve@mitre.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:L", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E582F31-BCC1-4276-BC34-A38EDCC4BB01" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B8C35DE-1C58-4C6E-BB15-0E3C2FECB8DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1928760C-4FC4-45B0-84FF-C1105CD1DD2A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB410A6D-642B-49AE-8B1C-EADA953A84DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43DE4D6F-D662-46F2-93BC-9AE950320BDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE06CD56-8BFD-4208-843A-179E3E6F5C10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89B88BFE-3C82-498C-8EC1-5784836DB1A1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63C0D9AC-BD23-48C9-83E7-301DEC06E583" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A72ADEBB-ED72-4A5B-BB27-95EDE43F8116" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD1A7B09-9031-4E54-A24F-3237C054166B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFC68046-2F08-40D1-B158-89D8D9263541" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D381478B-C638-4663-BD71-144BE4B02E46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61E72146-72FE-4B54-AB79-3C665E7F016C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2635646-DD6A-4735-8E01-F45445584832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA0F8A58-71B7-4503-A03A-6FB4282D75BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06B60F97-1320-44F5-970C-BBA29F375524" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72419735-076A-4E72-869F-0C7D801371C1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F66A096-7BA3-47D6-98F4-879C3A4C1FFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE202894-D48A-4B9E-B3BD-28529967A0B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4F27BAE-A171-42BF-BAC5-90922780525A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A1895B4-8B31-492E-B4D8-4DC5130C536A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/semiconductor.samsung.com\/support\/quality-support\/product-security-updates\/", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37368", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.560", - "lastModified": "2023-09-13T02:37:21.490", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet." - }, - { - "lang": "es", - "value": "Se descubrió un problema en el Procesador Móvil, el Procesador Automotive y el Módem Exynos de Samsung (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, y Exynos Auto T5123). En la tarea MM de Shannon, la falta de validación de un puntero NULL puede provocar una terminación anormal a través de un paquete NR MM con formato malformado." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "cve@mitre.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.2, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-476" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_9810_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "882ECA60-4A46-4854-AB09-5977C9C18E3A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_9810:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3F23066-4258-4E9D-964F-C76386DF7DF1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_9610_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "6BBEBE1A-D584-434A-B6B5-1CFF3A405A75" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*", - "matchCriteriaId": "26056D36-E735-4D10-A337-C7DCEAC15245" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1E582F31-BCC1-4276-BC34-A38EDCC4BB01" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B8C35DE-1C58-4C6E-BB15-0E3C2FECB8DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1928760C-4FC4-45B0-84FF-C1105CD1DD2A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB410A6D-642B-49AE-8B1C-EADA953A84DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "43DE4D6F-D662-46F2-93BC-9AE950320BDE" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*", - "matchCriteriaId": "EE06CD56-8BFD-4208-843A-179E3E6F5C10" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89B88BFE-3C82-498C-8EC1-5784836DB1A1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "63C0D9AC-BD23-48C9-83E7-301DEC06E583" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*", - "matchCriteriaId": "A72ADEBB-ED72-4A5B-BB27-95EDE43F8116" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BD1A7B09-9031-4E54-A24F-3237C054166B" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*", - "matchCriteriaId": "DFC68046-2F08-40D1-B158-89D8D9263541" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D381478B-C638-4663-BD71-144BE4B02E46" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*", - "matchCriteriaId": "61E72146-72FE-4B54-AB79-3C665E7F016C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "C2635646-DD6A-4735-8E01-F45445584832" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*", - "matchCriteriaId": "AA0F8A58-71B7-4503-A03A-6FB4282D75BD" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "F1896BFF-D709-481B-AD4F-37D1A8B30C06" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*", - "matchCriteriaId": "E6748EF2-3C63-41CD-B3D1-4B3FEC614B40" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6ADED27-EDAF-4FB3-8CB2-AE5F59B93641" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BF79654-E5C6-4DFF-B33A-A78571CD300C" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "06B60F97-1320-44F5-970C-BBA29F375524" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*", - "matchCriteriaId": "72419735-076A-4E72-869F-0C7D801371C1" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4F66A096-7BA3-47D6-98F4-879C3A4C1FFC" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*", - "matchCriteriaId": "CE202894-D48A-4B9E-B3BD-28529967A0B3" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D4F27BAE-A171-42BF-BAC5-90922780525A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5A1895B4-8B31-492E-B4D8-4DC5130C536A" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/semiconductor.samsung.com\/support\/quality-support\/product-security-updates\/", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37377", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.643", - "lastModified": "2023-09-13T02:34:55.590", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering." - }, - { - "lang": "es", - "value": "Se descubrió un problema en el Procesador Móvil Samsung Exynos y el Procesador Portátil (Exynos 980, Exynos 850, Exynos 2100 y Exynos W920). El manejo incorrecto de la incoherencia de los parámetros de longitud puede provocar un filtrado incorrecto de paquetes." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, - { - "source": "cve@mitre.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:N\/I:N\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 2.0, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 0.6, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-125" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1928760C-4FC4-45B0-84FF-C1105CD1DD2A" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*", - "matchCriteriaId": "BB410A6D-642B-49AE-8B1C-EADA953A84DA" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89B88BFE-3C82-498C-8EC1-5784836DB1A1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B6ADED27-EDAF-4FB3-8CB2-AE5F59B93641" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*", - "matchCriteriaId": "4BF79654-E5C6-4DFF-B33A-A78571CD300C" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/semiconductor.samsung.com\/support\/quality-support\/product-security-updates\/", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-37759", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.727", - "lastModified": "2023-09-12T00:10:11.453", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request." - }, - { - "lang": "es", - "value": "El control de acceso incorrecto en la página de registro de usuario de Crypto Currency Tracker (CCT) antes de v9.5 permite a los atacantes no autenticados registrarse como una cuenta de administrador a través de una solicitud POST manipulada." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:trendylogics:crypto_currency_tracker:*:*:*:*:*:*:*:*", - "versionEndIncluding": "9.5", - "matchCriteriaId": "A2A218B3-9272-4504-921D-CC7F212D9A94" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/codecanyon.net\/item\/crypto-currency-tracker-prices-charts-news-icos-info-and-more\/21588008", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - }, - { - "url": "https:\/\/packetstormsecurity.com\/files\/174240\/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory", - "VDB Entry" - ] - }, - { - "url": "https:\/\/tregix.com\/", - "source": "cve@mitre.org", - "tags": [ - "Not Applicable" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39620", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.787", - "lastModified": "2023-09-12T00:10:23.430", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote attacker to obtain sensitive information via the guest account function." - }, - { - "lang": "es", - "value": "Un problema en Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 a v.0.07 permite a un atacante remoto obtener información confidencial a través de la función de cuenta de invitado." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:buffalo:terastation_nas_5410r_firmware:5.00-0.07:*:*:*:*:*:*:*", - "matchCriteriaId": "4914C3B5-4521-4137-9CE8-7A4ED638AED9" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:buffalo:terastation_nas_5410r:-:*:*:*:*:*:*:*", - "matchCriteriaId": "B1A7CFA6-84AC-4CFD-9DF1-5E83B0E931D1" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/bcross520\/bcross520.github.io\/wiki\/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration", - "source": "nvd@nist.gov", - "tags": [ - "Exploit" - ] - }, - { - "url": "https:\/\/github.com\/bcross520\/bcross520.github.io\/wiki\/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration.", - "source": "cve@mitre.org", - "tags": [ - "Broken Link" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40353", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.853", - "lastModified": "2023-09-12T00:10:41.327", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application." - }, - { - "lang": "es", - "value": "Se ha detectado un problema en Exynos Mobile Processor 980 y 2100. Un desbordamiento de enteros en un índice de búfer puede impedir la ejecución de los servicios solicitados a través de una aplicación manipulada." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 3.3, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.8, - "impactScore": 1.4 - }, - { - "source": "cve@mitre.org", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:N\/I:N\/A:L", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "HIGH", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 2.0, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 0.6, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-190" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC" - } - ] - } - ] - }, - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*", - "matchCriteriaId": "89B88BFE-3C82-498C-8EC1-5784836DB1A1" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*", - "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/semiconductor.samsung.com\/support\/quality-support\/product-security-updates\/", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40953", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.930", - "lastModified": "2023-09-12T00:10:48.407", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF)." - }, - { - "lang": "es", - "value": "iCMS v7.0.16 es vulnerable a Cross-Site Request Forgery (CSRF)." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 2.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:idreamsoft:icms:7.0.16:*:*:*:*:*:*:*", - "matchCriteriaId": "ADF5334A-FE6D-45F3-801F-DF6CC9FC92F0" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/gist.github.com\/ChubbyZ\/e1e5c1858c389334dcf581a19c741308", - "source": "cve@mitre.org", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.icmsdev.com\/", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41594", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:08.997", - "lastModified": "2023-10-04T17:36:00.863", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters." - }, - { - "lang": "es", - "value": "Se ha descubierto que Dairy Farm Shop Management System Using PHP and MySQL v1.1 contiene múltiples vulnerabilidades de inyección SQL en la función de inicio de sesión a través de los parámetros de nombre de usuario y contraseña. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:phpgurukul:dairy_farm_shop_management_system:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "A1EC8290-03A2-4AC6-922B-B469FBB0E453" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/MATRIXDEVIL\/CVE\/blob\/main\/CVE-2023-41594", - "source": "cve@mitre.org", - "tags": [ - "Exploit" - ] - }, - { - "url": "https:\/\/portswigger.net\/web-security\/sql-injection", - "source": "cve@mitre.org", - "tags": [ - "Technical Description" - ] - }, - { - "url": "https:\/\/www.acunetix.com\/vulnerabilities\/web\/sql-injection\/", - "source": "cve@mitre.org", - "tags": [ - "Technical Description" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41615", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T03:15:09.060", - "lastModified": "2023-12-28T16:23:14.277", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields." - }, - { - "lang": "es", - "value": "Se ha descubierto que Zoo Management System v1.0 contiene múltiples vulnerabilidades de inyección SQL en la página de inicio de sesión del administrador a través de los campos de nombre de usuario y contraseña. " - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "541460D0-FA92-4BC4-A965-28C723E93736" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/medium.com\/%40guravtushar231\/sql-injection-in-login-field-a9073780f7e8", - "source": "cve@mitre.org", - "tags": [ - "Exploit" - ] - }, - { - "url": "https:\/\/phpgurukul.com\/student-management-system-using-php-and-mysql\/", - "source": "cve@mitre.org", - "tags": [ - "Not Applicable" - ] - }, - { - "url": "https:\/\/portswigger.net\/web-security\/sql-injection", - "source": "cve@mitre.org", - "tags": [ - "Technical Description" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-32470", - "sourceIdentifier": "security_alert@emc.com", - "published": "2023-09-08T06:15:07.437", - "lastModified": "2023-09-13T14:37:24.530", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nDell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction \/ Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).\n\n" - }, - { - "lang": "es", - "value": "Las versiones de Dell Digital Delivery anteriores a 5.0.82.0 contienen una vulnerabilidad de Operación Insegura en Windows Junction \/ Mount Point. Un usuario malicioso local podría aprovechar esta vulnerabilidad para crear una carpeta arbitraria que provocaría una denegación de servicio (DOS) permanente." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - }, - { - "source": "security_alert@emc.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:N\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.0, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.3, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "security_alert@emc.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-1386" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:dell:digital_delivery:*:*:*:*:*:*:*:*", - "versionEndExcluding": "5.0.82.0", - "matchCriteriaId": "EB547A1A-15EB-41DE-8E6E-786FD66DFEFA" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.dell.com\/support\/kbdoc\/en-us\/000216243\/dsa-2023-224", - "source": "security_alert@emc.com", - "tags": [ - "Patch", - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-34041", - "sourceIdentifier": "security@vmware.com", - "published": "2023-09-08T08:15:07.493", - "lastModified": "2023-09-14T16:12:21.513", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.\n" - }, - { - "lang": "es", - "value": "Las versiones de lanzamiento de enrutamiento de Cloud Foundry anteriores a 0.278.0 son vulnerables al abuso de HTTP Hop-by-Hop Headers. Un atacante no autenticado puede usar esta vulnerabilidad para encabezados como B3 o X-B3-SpanID para afectar al valor de identificación registrado en los registros de las bases." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, - { - "source": "security@vmware.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*", - "versionEndExcluding": "32.4.0", - "matchCriteriaId": "3FCD5A21-A021-401A-BC00-19F2B47B3B0E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cloudfoundry:routing-release:*:*:*:*:*:*:*:*", - "versionEndExcluding": "0.278.0", - "matchCriteriaId": "C38EECC5-AEC7-4D60-8A19-B2191F4D6BE8" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.cloudfoundry.org\/blog\/abuse-of-http-hop-by-hop-headers-in-cloud-foundry-gorouter\/", - "source": "security@vmware.com", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-41775", - "sourceIdentifier": "vultures@jpcert.or.jp", - "published": "2023-09-08T08:15:07.593", - "lastModified": "2023-09-14T16:48:00.897", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Improper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. of the device where the product is installed without the user's consent." - }, - { - "lang": "es", - "value": "La vulnerabilidad de control de acceso incorrecto en 'direct' Desktop App para macOS versión 2.6.0 y versiones anteriores permite a un atacante local eludir la restricción de acceso y usar camrea, micrófono, etc. del dispositivo donde está instalado el producto sin el consentimiento del usuario." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:N", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", - "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:l-is-b:direct:*:*:*:*:desktop:*:*:*", - "versionEndIncluding": "2.6.0", - "matchCriteriaId": "33D9E910-61BA-455A-8156-979417CD84B7" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/jvn.jp\/en\/jp\/JVN42691027\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/status.direct4b.com\/2023\/08\/31\/2023083101\/", - "source": "vultures@jpcert.or.jp", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4777", - "sourceIdentifier": "bugreport@qualys.com", - "published": "2023-09-08T09:15:08.697", - "lastModified": "2023-09-13T12:54:59.283", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "\nAn incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier allows attackers with global Item\/Configure permission (while lacking Item\/Configure permission on any particular job) to enumerate credentials IDs of credentials stored in Jenkins and to connect to an attacker-specified URL using attacker-specified credentials IDs, capturing credentials stored in Jenkins. \n\n" - }, - { - "lang": "es", - "value": "Una comprobación de permisos incorrecta en Qualys Container Scanning Connector Plugin 1.6.2.6 y versiones anteriores permite a los atacantes con autorización global Item\/Configure (aunque carecen de autorización Item\/Configure en cualquier job en particular) enumerar los ID de credenciales de las credenciales almacenadas en Jenkins y conectarse a una URL especificada por el atacante, utilizando ID de credenciales especificadas por el atacante, capturando las credenciales almacenadas en Jenkins." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 1.4 - }, - { - "source": "bugreport@qualys.com", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.1, - "baseSeverity": "LOW" - }, - "exploitabilityScore": 1.6, - "impactScore": 1.4 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-732" - } - ] - }, - { - "source": "bugreport@qualys.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-732" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:qualys:container_scanning_connector:*:*:*:*:*:*:*:*", - "versionEndExcluding": "1.6.2.7", - "matchCriteriaId": "40CC9049-544D-42FD-9494-340ACEAD4BF2" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/www.qualys.com\/security-advisories\/", - "source": "bugreport@qualys.com", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-4807", - "sourceIdentifier": "openssl-security@openssl.org", - "published": "2023-09-08T12:15:08.043", - "lastModified": "2023-09-21T17:15:24.233", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Issue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications on the\nWindows 64 platform when running on newer X86_64 processors supporting the\nAVX512-IFMA instructions.\n\nImpact summary: If in an application that uses the OpenSSL library an attacker\ncan influence whether the POLY1305 MAC algorithm is used, the application\nstate might be corrupted with various application dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL does\nnot save the contents of non-volatile XMM registers on Windows 64 platform\nwhen calculating the MAC of data larger than 64 bytes. Before returning to\nthe caller all the XMM registers are set to zero rather than restoring their\nprevious content. The vulnerable code is used only on newer x86_64 processors\nsupporting the AVX512-IFMA instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However given the contents of the registers are just zeroized so\nthe attacker cannot put arbitrary values inside, the most likely consequence,\nif any, would be an incorrect result of some application dependent\ncalculations or a crash leading to a denial of service.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3 and a malicious client can influence whether this AEAD\ncipher is used by the server. This implies that server applications using\nOpenSSL can be potentially impacted. However we are currently not aware of\nany concrete application that would be affected by this issue therefore we\nconsider this a Low severity security issue.\n\nAs a workaround the AVX512-IFMA instructions support can be disabled at\nruntime by setting the environment variable OPENSSL_ia32cap:\n\n OPENSSL_ia32cap=:~0x200000\n\nThe FIPS provider is not affected by this issue." - }, - { - "lang": "es", - "value": "Resumen del problema: la implementación POLY1305 MAC (código de autenticación de mensajes) contiene un error que podría dañar el estado interno de las aplicaciones en la plataforma Windows 64 cuando se ejecutan en procesadores X86_64 más nuevos que admiten las instrucciones AVX512-IFMA. Resumen del impacto: si en una aplicación que usa la librería OpenSSL un atacante puede influir en si se usa el algoritmo MAC POLY1305, el estado de la aplicación podría corromperse con varias consecuencias dependientes de la aplicación. La implementación POLY1305 MAC (código de autenticación de mensajes) en OpenSSL no guarda el contenido de los registros XMM no volátiles en la plataforma Windows 64 al calcular la MAC de datos de más de 64 bytes. Antes de regresar a la persona que llama, todos los registros XMM se establecen en cero en lugar de restaurar su contenido anterior. El código vulnerable se utiliza sólo en procesadores x86_64 más nuevos que admiten las instrucciones AVX512-IFMA. Las consecuencias de este tipo de corrupción del estado de la aplicación interna pueden ser diversas: desde ninguna consecuencia, si la aplicación que llama no depende en absoluto del contenido de los registros XMM no volátiles, hasta las peores consecuencias, donde el atacante podría obtener el control total de el proceso de solicitud. Sin embargo, dado que el contenido de los registros simplemente se pone a cero para que el atacante no pueda colocar valores arbitrarios en su interior, la consecuencia más probable, si la hubiera, sería un resultado incorrecto de algunos cálculos dependientes de la aplicación o una falla que provocaría una denegación de servicio. El algoritmo POLY1305 MAC se utiliza con mayor frecuencia como parte del algoritmo CHACHA20-POLY1305 AEAD (cifrado autenticado con datos asociados). El uso más común de este cifrado AEAD es con las versiones 1.2 y 1.3 del protocolo TLS y un cliente malicioso puede influir en si el servidor utiliza este cifrado AEAD. Esto implica que las aplicaciones de servidor que utilizan OpenSSL pueden verse potencialmente afectadas. Sin embargo, actualmente no conocemos ninguna aplicación concreta que pueda verse afectada por este problema, por lo que lo consideramos un problema de seguridad de gravedad Baja. Como workaround, el soporte de instrucciones AVX512-IFMA se puede desactivar en tiempo de ejecución configurando la variable de entorno OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 El proveedor FIPS no se ve afectado por este problema." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", - "versionStartIncluding": "1.1.1", - "versionEndExcluding": "1.1.1w", - "matchCriteriaId": "AE28C377-98B8-48F3-9869-A5085F95D22C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.0.0", - "versionEndExcluding": "3.0.11", - "matchCriteriaId": "F9CA5322-712C-46EC-85D4-82BBCD86A370" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", - "versionStartIncluding": "3.1.0", - "versionEndExcluding": "3.1.3", - "matchCriteriaId": "8CD493DA-9CA9-4D3C-A2C0-BE0A06D7E265" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/git.openssl.org\/gitweb\/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5", - "source": "openssl-security@openssl.org", - "tags": [ - "Mailing List", - "Patch" - ] - }, - { - "url": "https:\/\/git.openssl.org\/gitweb\/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508", - "source": "openssl-security@openssl.org", - "tags": [ - "Mailing List", - "Patch" - ] - }, - { - "url": "https:\/\/git.openssl.org\/gitweb\/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff", - "source": "openssl-security@openssl.org", - "tags": [ - "Mailing List", - "Patch" - ] - }, - { - "url": "https:\/\/security.netapp.com\/advisory\/ntap-20230921-0001\/", - "source": "openssl-security@openssl.org" - }, - { - "url": "https:\/\/www.openssl.org\/news\/secadv\/20230908.txt", - "source": "openssl-security@openssl.org", - "tags": [ - "Vendor Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39076", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T13:15:07.827", - "lastModified": "2023-09-14T23:15:08.117", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Injecting random data into the USB memory area on a General Motors (GM) Chevrolet Equinox 2021 Software. 2021.03.26 (build version) vehicle causes a Denial of Service (DoS) in the in-car infotainment system." - }, - { - "lang": "es", - "value": "Inyectar datos aleatorios en el área de memoria USB en el Software de vehículos Chevrolet Equinox 2021 de General Motors (GM). 2021.03.26 (versión de compilación) provoca una Denegación de Servicio (DoS) en el sistema de infoentretenimiento del automóvil." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:P\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H", - "attackVector": "PHYSICAL", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 4.6, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 0.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:gm:mylink_infotainment_system:2021.3.26:*:*:*:*:*:*:*", - "matchCriteriaId": "5D92838E-E17F-429C-8E61-2D5EC8ACBACB" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:gm:chevrolet_equinox:2021:*:*:*:*:*:*:*", - "matchCriteriaId": "D14DEB54-FA5B-4DF0-BB34-35EC6CE2CB56" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/blog.dhjeong.kr\/posts\/vuln\/202307\/gm-chevrolet\/", - "source": "cve@mitre.org" - }, - { - "url": "https:\/\/blog.jhyeon.dev\/posts\/vuln\/202307\/gm-chevrolet\/", - "source": "cve@mitre.org", - "tags": [ - "Broken Link" - ] - }, - { - "url": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-39076", - "source": "cve@mitre.org" - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39584", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T13:15:07.990", - "lastModified": "2023-09-12T15:12:13.357", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability." - }, - { - "lang": "es", - "value": "Se descubrió que Hexo hasta v7.0.0 (RC2) contenía una vulnerabilidad de lectura de archivos arbitraria." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hexo:hexo:*:*:*:*:*:node.js:*:*", - "versionEndIncluding": "6.3.0", - "matchCriteriaId": "2F494D7D-4DEC-47D1-9D57-FD22F923AD68" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hexo:hexo:7.0.0:rc1:*:*:*:node.js:*:*", - "matchCriteriaId": "14D67846-7704-484D-9159-B1BD6E064DBB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:hexo:hexo:7.0.0:rc2:*:*:*:node.js:*:*", - "matchCriteriaId": "49654147-913B-4164-BFF6-9CBC3997C234" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/hexojs\/hexo\/blob\/a3e68e7576d279db22bd7481914286104e867834\/lib\/plugins\/tag\/include_code.js#L49", - "source": "cve@mitre.org", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/github.com\/hexojs\/hexo\/issues\/5250", - "source": "cve@mitre.org", - "tags": [ - "Issue Tracking", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/www.gem-love.com\/2023\/07\/25\/hexo%E5%8D%9A%E5%AE%A2%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E5%92%8C%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E\/#undefined", - "source": "cve@mitre.org", - "tags": [ - "Third Party Advisory" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-40924", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T13:15:08.127", - "lastModified": "2023-09-19T13:47:13.017", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "SolarView Compact < 6.00 is vulnerable to Directory Traversal." - }, - { - "lang": "es", - "value": "SolarView Compact < 6.00 es vulnerable a Directory Traversal." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], - "configurations": [ - { - "operator": "AND", - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:h:contec:solarview_compact:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1B677303-DBF0-44EF-B33C-1C0EAEF82135" - } - ] - }, - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.0", - "matchCriteriaId": "065F2764-DD49-42AC-8862-BE80DD379DCB" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/github.com\/Yobing1\/CVE-2023-40924\/blob\/main\/README.md", - "source": "cve@mitre.org", - "tags": [ - "Exploit", - "Third Party Advisory" - ] - }, - { - "url": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-33620", - "source": "cve@mitre.org", - "tags": [ - "Not Applicable" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39676", - "sourceIdentifier": "cve@mitre.org", - "published": "2023-09-08T14:15:11.293", - "lastModified": "2023-09-12T12:59:31.113", - "vulnStatus": "Analyzed", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "FieldPopupNewsletter Prestashop Module v1.0.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback parameter at ajax.php." - }, - { - "lang": "es", - "value": "Se descubrió que FieldPopupNewsletter Prestashop Module v1.0.0 contenía una vulnerabilidad de Cross-Site Scripting (XSS) Reflejado a través del parámetro callback en ajax.php." - } - ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "CHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 2.7 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:a:fieldthemes:fieldpopupnewsletter:1.0.0:*:*:*:*:prestashop:*:*", - "matchCriteriaId": "66A6AE51-43DE-4D19-ABAC-76DA3283F24D" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https:\/\/blog.sorcery.ie\/posts\/fieldpopupnewsletter_xss\/", - "source": "cve@mitre.org", - "tags": [ - "Exploit" - ] - }, - { - "url": "https:\/\/sorcery.ie", - "source": "cve@mitre.org", - "tags": [ - "Not Applicable" - ] - }, - { - "url": "https:\/\/themeforest.net\/user\/fieldthemes", - "source": "cve@mitre.org", - "tags": [ - "Product" - ] - } - ] - } - }, - { - "cve": { - "id": "CVE-2023-39318", - "sourceIdentifier": "security@golang.org", - "published": "2023-09-08T17:15:27.823", - "lastModified": "2023-11-25T11:15:17.430", - "vulnStatus": "Modified", - "cveTags": [], - "descriptions": [ - { - "lang": "en", - "value": "The html\/template package does not properly handle HTML-like \"\" comment tokens, nor hashbang \"#!\" comment tokens, in