Auto-Update: 2024-12-14T15:00:19.548327+00:00

fkie-cad · Dec 14, 2024 · 21245dd · 21245dd
1 parent 3e3f58e
commit 21245dd
Show file tree

Hide file tree

Showing 4 changed files with 121 additions and 7 deletions.
diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31891.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31891.json
@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-31891",
+  "sourceIdentifier": "[email protected]",
+  "published": "2024-12-14T13:15:17.630",
+  "lastModified": "2024-12-14T13:15:17.630",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 \n\ncontains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host operating system."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "[email protected]",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "[email protected]",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-250"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.ibm.com/support/pages/node/7178098",
+      "source": "[email protected]"
+    }
+  ]
+}
diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31892.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31892.json
@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-31892",
+  "sourceIdentifier": "[email protected]",
+  "published": "2024-12-14T13:15:18.877",
+  "lastModified": "2024-12-14T13:15:18.877",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "[email protected]",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "[email protected]",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.ibm.com/support/pages/node/7178098",
+      "source": "[email protected]"
+    }
+  ]
+}
diff --git a/README.md b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-14T11:00:19.866792+00:00
+2024-12-14T15:00:19.548327+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-14T09:15:06.383000+00:00
+2024-12-14T13:15:18.877000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,15 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-273876
+273878
 ```
 
 ### CVEs added in the last Commit
 
 Recently added CVEs: `2`
 
-- [CVE-2024-11720](CVE-2024/CVE-2024-117xx/CVE-2024-11720.json) (`2024-12-14T09:15:05.083`)
-- [CVE-2024-11721](CVE-2024/CVE-2024-117xx/CVE-2024-11721.json) (`2024-12-14T09:15:06.383`)
+- [CVE-2024-31891](CVE-2024/CVE-2024-318xx/CVE-2024-31891.json) (`2024-12-14T13:15:17.630`)
+- [CVE-2024-31892](CVE-2024/CVE-2024-318xx/CVE-2024-31892.json) (`2024-12-14T13:15:18.877`)
 
 
 ### CVEs modified in the last Commit

diff --git a/_state.csv b/_state.csv
@@ -244370,8 +244370,8 @@ CVE-2024-11713,0,0,924f08b1e66ea9ada6d3704a63a72351a5730b7360d590fd87dcc24c6bdcf
 CVE-2024-11714,0,0,712d476e2fb41db968d06ff22739dbd43c34408b01df3c5f3203d9771f4e118a,2024-12-14T07:15:06.713000
 CVE-2024-11715,0,0,c20e59ad84e8801565e48794c692d8184a1df1411032566df29c1cc577ebcc4f,2024-12-14T07:15:06.880000
 CVE-2024-1172,0,0,ab430c7827e21b365e63647ecdb13f518977ed8324330c869795f6d2a42c238e,2024-11-21T08:49:57.517000
-CVE-2024-11720,1,1,7b26e95b9a7820fa30a018d9c5a605ec44f18f5e18d78151d6ded3428e73f997,2024-12-14T09:15:05.083000
-CVE-2024-11721,1,1,b659aa34ebc06b4e71eaaed476f56e403ca847c59d174e16a16c3817a010f8d8,2024-12-14T09:15:06.383000
+CVE-2024-11720,0,0,7b26e95b9a7820fa30a018d9c5a605ec44f18f5e18d78151d6ded3428e73f997,2024-12-14T09:15:05.083000
+CVE-2024-11721,0,0,b659aa34ebc06b4e71eaaed476f56e403ca847c59d174e16a16c3817a010f8d8,2024-12-14T09:15:06.383000
 CVE-2024-11723,0,0,3a4b22b6f5bf23610381fe8aa4c57fda56e31fb4c7ae1e57460e9bfb6b1246ba,2024-12-12T05:15:09.247000
 CVE-2024-11724,0,0,9e0ed441e3412ffd4b21acc007377cf00fd5825d64cbabc21a993f4c4fd43aff,2024-12-12T07:15:08.600000
 CVE-2024-11727,0,0,31c084556af2144dc477e02470c4388ea6e06ff7d826233a0c2b3bfd1c94eaec,2024-12-12T07:15:09.107000
@@ -254441,6 +254441,8 @@ CVE-2024-31887,0,0,7595a9bf13d2e1c15ce814c8cb36a9167cf49ef9a4ff4ef12b17d1fa0af3b
 CVE-2024-31889,0,0,1a3411dda0f43cf509067df1f606915f47bd53cf736d164dfc28d6e14607135d,2024-11-21T09:14:05.393000
 CVE-2024-3189,0,0,cf3c2d45c5c1f6cc61b6d398c2f0b2f840ed23d80ea9e7c4c6d89950994902a5,2024-11-21T09:29:06.663000
 CVE-2024-31890,0,0,651fa0b1e1cfc65d537ba9b852527cb69af9fe2a04587dff5261b833582033b6,2024-11-21T09:14:05.540000
+CVE-2024-31891,1,1,3ad2b03c19f2da721481db2230f5717b00e56e95e9a9dd445375b742166df3a6,2024-12-14T13:15:17.630000
+CVE-2024-31892,1,1,ae6eefe18d6b87a64713c6fd050e3991add0ac48e81f83d2d8ec27189d715ad2,2024-12-14T13:15:18.877000
 CVE-2024-31893,0,0,1ee5de64a507073e1576552d494f92a47974a8768c38ce20796f66762af14f93,2024-11-21T09:14:05.667000
 CVE-2024-31894,0,0,07db0489096a710a1181f86402d3a99764c6888ab4e60622f37ae6ec81631794,2024-11-21T09:14:05.810000
 CVE-2024-31895,0,0,bb7c808cedfab935c4b791381449fa00e1393d5ea1cf070e6cc5e4a4ab36ed78,2024-11-21T09:14:05.943000