Auto Generated CVE annotations [Mon Feb 20 10:02:27 UTC 2023] 🤖

2023-02-20 10:02:27 +00:00 · 2023-02-20 10:02:27 +00:00 · b86fab6f54
parent 00f2db8e5b
commit b86fab6f54
2 changed files with 5 additions and 3 deletions
--- a/cves/2022/CVE-2022-47986.yaml
+++ b/cves/2022/CVE-2022-47986.yaml
@ -9,14 +9,15 @@ info:
  reference:
    - https://blog.assetnote.io/2023/02/02/pre-auth-rce-aspera-faspex/
    - https://www.ibm.com/support/pages/node/6952319
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/243512
  remediation: This vulnerability can be remediated by either upgrading to Faspex 4.4.2 Patch Level 2 or Faspex 5.x which does not contain this vulnerability.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-47986
  metadata:
-    verified: "true"
    shodan-query: html:"Aspera Faspex"
+    verified: "true"
  tags: cve,cve2022,ibm,aspera,faspex

 requests:
--- a/cves/2023/CVE-2023-23752.yaml
+++ b/cves/2023/CVE-2023-23752.yaml
@ -6,14 +6,15 @@ info:
  severity: high
  description: |
    An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
-  remediation: Upgrade to Joomla! version 4.2.8 or later.
  reference:
    - https://unsafe.sh/go-149780.html
    - https://twitter.com/gov_hack/status/1626471960141238272/photo/1
    - https://cve.report/CVE-2023-23752
+    - https://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html
+  remediation: Upgrade to Joomla! version 4.2.8 or later.
  metadata:
-    verified: "true"
    shodan-query: html:"Joomla! - Open Source Content Management"
+    verified: "true"
  tags: cve,cve2023,joomla

 requests: