Auto Generated CVE annotations [Tue Mar 14 17:46:45 UTC 2023] 🤖

2023-03-14 17:46:45 +00:00 · 2023-03-14 17:46:45 +00:00 · 961afd9801
parent b35a560d3b
commit 961afd9801
5 changed files with 18 additions and 7 deletions
--- a/cves/2022/CVE-2022-31474.yaml
+++ b/cves/2022/CVE-2022-31474.yaml
@ -14,8 +14,8 @@ info:
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
-    cwe-id: CWE-22
    cve-id: CVE-2022-31474
+    cwe-id: CWE-22
  tags: cve,cve2022,wordpress,wp-plugin,wp,lfi,backupbuddy

 requests:
--- a/cves/2022/CVE-2022-47002.yaml
+++ b/cves/2022/CVE-2022-47002.yaml
@ -9,11 +9,16 @@ info:
  reference:
    - https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html
    - https://nvd.nist.gov/vuln/detail/CVE-2022-47002
+    - https://github.com/MasaCMS/MasaCMS/releases/tag/7.3.10
+    - https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2022-47002
+    cwe-id: CWE-863
  metadata:
+    shodan-query: 'Generator: Masa CMS'
    verified: "true"
-    shodan-query: "Generator: Masa CMS"
  tags: cve,cve2022,auth-bypass,cms,masa

 requests:
--- a/cves/2022/CVE-2022-47003.yaml
+++ b/cves/2022/CVE-2022-47003.yaml
@ -9,11 +9,16 @@ info:
  reference:
    - https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html
    - https://nvd.nist.gov/vuln/detail/CVE-2022-47003
+    - http://mura.com
+    - https://www.murasoftware.com/mura-cms/
  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cve-id: CVE-2022-47003
+    cwe-id: CWE-863
  metadata:
+    shodan-query: 'Generator: Musa CMS'
    verified: "true"
-    shodan-query: "Generator: Musa CMS"
  tags: cve,cve2022,auth-bypass,cms,mura

 requests:
--- a/vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml
+++ b/vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml
@ -9,15 +9,16 @@ info:
  reference:
    - https://logging.apache.org/log4j/2.x/security.html
    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+    - http://www.openwall.com/lists/oss-security/2021/12/10/1
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
    cve-id: CVE-2021-44228
    cwe-id: CWE-77
  metadata:
-    shodan-query: title:"CloudCenter Suite"
    fofa-query: title="CloudCenter Suite"
-  tags: cve,cve2021,jndi,log4j,rce,oast,cloudcenter,cisco
+    shodan-query: title:"CloudCenter Suite"
+  tags: cve,cve2021,jndi,log4j,rce,oast,cloudcenter,cisco,kev

 requests:
  - raw:
--- a/vulnerabilities/skywalking/skywalking-log4j-rce.yaml
+++ b/vulnerabilities/skywalking/skywalking-log4j-rce.yaml
@ -16,10 +16,10 @@ info:
    cve-id: CVE-2021-44228
    cwe-id: CWE-77
  metadata:
-    verified: "true"
    fofa-query: title="SkyWalking"
    shodan-query: http.favicon.hash:1929532064
-  tags: cve,cve2021,jndi,log4j,rce,oast,skywalking
+    verified: "true"
+  tags: cve,cve2021,jndi,log4j,rce,oast,skywalking,kev

 requests:
  - raw: