Search criteria
9 vulnerabilities by vasyltech
CVE-2019-25213 (GCVE-0-2019-25213)
Vulnerability from cvelistv5 – Published: 2024-10-16 06:43 – Updated: 2024-10-16 18:05
VLAI?
Summary
The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive files such as wp-config.php
Severity ?
9.8 (Critical)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| vasyltech | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More |
Affected:
* , < 5.9.9
(semver)
|
Credits
Ov3rfly
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:advanced_access_manager_project:advanced_access_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advanced_access_manager",
"vendor": "advanced_access_manager_project",
"versions": [
{
"lessThan": "5.9.9",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25213",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T15:35:07.214423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T18:05:50.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More",
"vendor": "vasyltech",
"versions": [
{
"lessThan": "5.9.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ov3rfly"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive files such as wp-config.php"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T06:43:32.214Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/55e0f0df-7be2-4e18-988c-2cc558768eff?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2098838/advanced-access-manager/trunk/application/Core/Media.php?old=2151316\u0026old_path=advanced-access-manager%2Ftrunk%2Fapplication%2FCore%2FMedia.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2019-09-09T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Advanced Access Manager \u003c= 5.9.8.1 - Unauthenticated Arbitrary File Read"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2019-25213",
"datePublished": "2024-10-16T06:43:32.214Z",
"dateReserved": "2024-10-15T17:42:48.469Z",
"dateUpdated": "2024-10-16T18:05:50.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29127 (GCVE-0-2024-29127)
Vulnerability from cvelistv5 – Published: 2024-03-19 14:06 – Updated: 2024-08-02 01:03
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager allows Reflected XSS.This issue affects Advanced Access Manager: from n/a through 6.9.20.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AAM | Advanced Access Manager |
Affected:
n/a , ≤ 6.9.20
(custom)
|
Credits
Rafie Muhammad (Patchstack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29127",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-19T14:59:37.790867Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:57:53.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:51.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-20-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "advanced-access-manager",
"product": "Advanced Access Manager",
"vendor": "AAM",
"versions": [
{
"changes": [
{
"at": "6.9.21",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.9.20",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rafie Muhammad (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in AAM Advanced Access Manager allows Reflected XSS.\u003cp\u003eThis issue affects Advanced Access Manager: from n/a through 6.9.20.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in AAM Advanced Access Manager allows Reflected XSS.This issue affects Advanced Access Manager: from n/a through 6.9.20.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-19T14:06:06.575Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-20-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 6.9.21 or a higher version."
}
],
"value": "Update to 6.9.21 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Advanced Access Manager plugin \u003c= 6.9.20 - Reflected Cross Site Scripting (XSS) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-29127",
"datePublished": "2024-03-19T14:06:06.575Z",
"dateReserved": "2024-03-16T01:24:15.389Z",
"dateUpdated": "2024-08-02T01:03:51.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51674 (GCVE-0-2023-51674)
Vulnerability from cvelistv5 – Published: 2024-02-01 10:22 – Updated: 2024-08-02 22:40
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More allows Stored XSS.This issue affects Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More: from n/a through 6.9.18.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More |
Affected:
n/a , ≤ 6.9.18
(custom)
|
Credits
LVT-tholv2k (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51674",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-01T14:16:14.866205Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T19:36:55.293Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-18-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "advanced-access-manager",
"product": "Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More",
"vendor": "AAM",
"versions": [
{
"changes": [
{
"at": "6.9.19",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.9.18",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "LVT-tholv2k (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in AAM Advanced Access Manager \u2013 Restricted Content, Users \u0026amp; Roles, Enhanced Security and More allows Stored XSS.\u003cp\u003eThis issue affects Advanced Access Manager \u2013 Restricted Content, Users \u0026amp; Roles, Enhanced Security and More: from n/a through 6.9.18.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in AAM Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More allows Stored XSS.This issue affects Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More: from n/a through 6.9.18.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-01T10:22:55.887Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-18-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;6.9.19 or a higher version."
}
],
"value": "Update to\u00a06.9.19 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Advanced Access Manager Plugin \u003c= 6.9.18 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-51674",
"datePublished": "2024-02-01T10:22:55.887Z",
"dateReserved": "2023-12-21T14:51:15.760Z",
"dateUpdated": "2024-08-02T22:40:34.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51675 (GCVE-0-2023-51675)
Vulnerability from cvelistv5 – Published: 2023-12-29 13:57 – Updated: 2024-09-09 17:27
VLAI?
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More.This issue affects Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More: from n/a through 6.9.18.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More |
Affected:
n/a , ≤ 6.9.18
(custom)
|
Credits
LVT-tholv2k (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-18-open-redirection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-05T16:45:36.875401Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T17:27:49.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "advanced-access-manager",
"product": "Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More",
"vendor": "AAM",
"versions": [
{
"changes": [
{
"at": "6.9.19",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.9.18",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "LVT-tholv2k (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in AAM Advanced Access Manager \u2013 Restricted Content, Users \u0026amp; Roles, Enhanced Security and More.\u003cp\u003eThis issue affects Advanced Access Manager \u2013 Restricted Content, Users \u0026amp; Roles, Enhanced Security and More: from n/a through 6.9.18.\u003c/p\u003e"
}
],
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in AAM Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More.This issue affects Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More: from n/a through 6.9.18.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T13:57:17.047Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-18-open-redirection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;6.9.19 or a higher version."
}
],
"value": "Update to\u00a06.9.19 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Advanced Access Manager Plugin \u003c= 6.9.18 is vulnerable to Open Redirection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-51675",
"datePublished": "2023-12-29T13:57:17.047Z",
"dateReserved": "2023-12-21T14:51:15.760Z",
"dateUpdated": "2024-09-09T17:27:49.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50881 (GCVE-0-2023-50881)
Vulnerability from cvelistv5 – Published: 2023-12-29 11:26 – Updated: 2024-11-20 19:13
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More allows Stored XSS.This issue affects Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More: from n/a through 6.9.15.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More |
Affected:
n/a , ≤ 6.9.15
(custom)
|
Credits
NGÔ THIÊN AN / ancorn_ from VNPT-VCI (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:23:43.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-15-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T20:04:10.901243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T19:13:07.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "advanced-access-manager",
"product": "Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More",
"vendor": "AAM",
"versions": [
{
"changes": [
{
"at": "6.9.16",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.9.15",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "NG\u00d4 THI\u00caN AN / ancorn_ from VNPT-VCI (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in AAM Advanced Access Manager \u2013 Restricted Content, Users \u0026amp; Roles, Enhanced Security and More allows Stored XSS.\u003cp\u003eThis issue affects Advanced Access Manager \u2013 Restricted Content, Users \u0026amp; Roles, Enhanced Security and More: from n/a through 6.9.15.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in AAM Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More allows Stored XSS.This issue affects Advanced Access Manager \u2013 Restricted Content, Users \u0026 Roles, Enhanced Security and More: from n/a through 6.9.15.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T11:26:11.706Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-15-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;6.9.16 or a higher version."
}
],
"value": "Update to\u00a06.9.16 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Advanced Access Manager Plugin \u003c= 6.9.15 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-50881",
"datePublished": "2023-12-29T11:26:11.706Z",
"dateReserved": "2023-12-15T14:42:48.489Z",
"dateUpdated": "2024-11-20T19:13:07.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24830 (GCVE-0-2021-24830)
Vulnerability from cvelistv5 – Published: 2021-11-23 19:16 – Updated: 2024-08-03 19:42
VLAI?
Summary
The Advanced Access Manager WordPress plugin before 6.8.0 does not escape some of its settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Advanced Access Manager |
Affected:
6.8.0 , < 6.8.0
(custom)
|
Credits
Huy Nguyen
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:42:17.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/1c46373b-d43d-4d18-b0ae-3711fb0be0f9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2616161/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Advanced Access Manager",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.8.0",
"status": "affected",
"version": "6.8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Huy Nguyen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Access Manager WordPress plugin before 6.8.0 does not escape some of its settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T19:16:13",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/1c46373b-d43d-4d18-b0ae-3711fb0be0f9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2616161/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Advanced Access Manager \u003c 6.8.0 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24830",
"STATE": "PUBLIC",
"TITLE": "Advanced Access Manager \u003c 6.8.0 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Advanced Access Manager",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.8.0",
"version_value": "6.8.0"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Huy Nguyen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advanced Access Manager WordPress plugin before 6.8.0 does not escape some of its settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/1c46373b-d43d-4d18-b0ae-3711fb0be0f9",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/1c46373b-d43d-4d18-b0ae-3711fb0be0f9"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/2616161/",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2616161/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24830",
"datePublished": "2021-11-23T19:16:13",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:42:17.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35935 (GCVE-0-2020-35935)
Vulnerability from cvelistv5 – Published: 2021-01-01 01:25 – Updated: 2024-08-04 17:16
VLAI?
Summary
The Advanced Access Manager plugin before 6.6.2 for WordPress allows privilege escalation on profile updates via the aam_user_roles POST parameter if Multiple Role support is enabled. (The mechanism for deciding whether a user was entitled to add a role did not work in various custom-role scenarios.)
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:16:13.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Access Manager plugin before 6.6.2 for WordPress allows privilege escalation on profile updates via the aam_user_roles POST parameter if Multiple Role support is enabled. (The mechanism for deciding whether a user was entitled to add a role did not work in various custom-role scenarios.)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-01T01:25:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advanced Access Manager plugin before 6.6.2 for WordPress allows privilege escalation on profile updates via the aam_user_roles POST parameter if Multiple Role support is enabled. (The mechanism for deciding whether a user was entitled to add a role did not work in various custom-role scenarios.)"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35935",
"datePublished": "2021-01-01T01:25:14",
"dateReserved": "2021-01-01T00:00:00",
"dateUpdated": "2024-08-04T17:16:13.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35934 (GCVE-0-2020-35934)
Vulnerability from cvelistv5 – Published: 2021-01-01 01:25 – Updated: 2024-08-04 17:16
VLAI?
Summary
The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). This is a security problem if this object stores information that the user is not supposed to have (e.g., custom metadata added by a different plugin).
Severity ?
4.3 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:16:13.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). This is a security problem if this object stores information that the user is not supposed to have (e.g., custom metadata added by a different plugin)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:L/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-01T01:25:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). This is a security problem if this object stores information that the user is not supposed to have (e.g., custom metadata added by a different plugin)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:L/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35934",
"datePublished": "2021-01-01T01:25:05",
"dateReserved": "2021-01-01T00:00:00",
"dateUpdated": "2024-08-04T17:16:13.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6059 (GCVE-0-2014-6059)
Vulnerability from cvelistv5 – Published: 2020-01-13 12:22 – Updated: 2024-08-06 12:03
VLAI?
Summary
WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary File Overwrite Vulnerability
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:03:02.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128137/WordPress-Advanced-Access-Manager-2.8.2-File-Write-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69549"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95694"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary File Overwrite Vulnerability"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-13T12:22:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128137/WordPress-Advanced-Access-Manager-2.8.2-File-Write-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/69549"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95694"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary File Overwrite Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128137/WordPress-Advanced-Access-Manager-2.8.2-File-Write-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128137/WordPress-Advanced-Access-Manager-2.8.2-File-Write-Code-Execution.html"
},
{
"name": "http://www.securityfocus.com/bid/69549",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/69549"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95694",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95694"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6059",
"datePublished": "2020-01-13T12:22:23",
"dateReserved": "2014-09-01T00:00:00",
"dateUpdated": "2024-08-06T12:03:02.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}