Skip to content

Commit 005ee09

Browse files
author
cvelistV5 Github Action
committed
1 changes (1 new | 0 updated):
 - 1 new CVEs: CVE-2024-56070 - 0 updated CVEs:
1 parent 7b1a1c5 commit 005ee09

File tree

3 files changed

+161
-20
lines changed

3 files changed

+161
-20
lines changed

cves/2024/56xxx/CVE-2024-56070.json

Lines changed: 140 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,140 @@
1+
{
2+
"dataType": "CVE_RECORD",
3+
"dataVersion": "5.1",
4+
"cveMetadata": {
5+
"cveId": "CVE-2024-56070",
6+
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
7+
"state": "PUBLISHED",
8+
"assignerShortName": "Patchstack",
9+
"dateReserved": "2024-12-14T19:43:18.742Z",
10+
"datePublished": "2024-12-31T13:35:46.941Z",
11+
"dateUpdated": "2024-12-31T13:35:46.941Z"
12+
},
13+
"containers": {
14+
"cna": {
15+
"affected": [
16+
{
17+
"defaultStatus": "unaffected",
18+
"product": "WP SuperBackup",
19+
"vendor": "Azzaroco",
20+
"versions": [
21+
{
22+
"changes": [
23+
{
24+
"at": "2.4",
25+
"status": "unaffected"
26+
}
27+
],
28+
"lessThanOrEqual": "2.3.3",
29+
"status": "affected",
30+
"version": "n/a",
31+
"versionType": "custom"
32+
}
33+
]
34+
}
35+
],
36+
"credits": [
37+
{
38+
"lang": "en",
39+
"type": "finder",
40+
"user": "00000000-0000-4000-9000-000000000000",
41+
"value": "Dave Jong (Patchstack)"
42+
}
43+
],
44+
"descriptions": [
45+
{
46+
"lang": "en",
47+
"supportingMedia": [
48+
{
49+
"base64": false,
50+
"type": "text/html",
51+
"value": "Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects WP SuperBackup: from n/a through 2.3.3.</p>"
52+
}
53+
],
54+
"value": "Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through 2.3.3."
55+
}
56+
],
57+
"impacts": [
58+
{
59+
"capecId": "CAPEC-180",
60+
"descriptions": [
61+
{
62+
"lang": "en",
63+
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
64+
}
65+
]
66+
}
67+
],
68+
"metrics": [
69+
{
70+
"cvssV3_1": {
71+
"attackComplexity": "LOW",
72+
"attackVector": "NETWORK",
73+
"availabilityImpact": "LOW",
74+
"baseScore": 7.4,
75+
"baseSeverity": "HIGH",
76+
"confidentialityImpact": "LOW",
77+
"integrityImpact": "LOW",
78+
"privilegesRequired": "LOW",
79+
"scope": "CHANGED",
80+
"userInteraction": "NONE",
81+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
82+
"version": "3.1"
83+
},
84+
"format": "CVSS",
85+
"scenarios": [
86+
{
87+
"lang": "en",
88+
"value": "GENERAL"
89+
}
90+
]
91+
}
92+
],
93+
"problemTypes": [
94+
{
95+
"descriptions": [
96+
{
97+
"cweId": "CWE-862",
98+
"description": "CWE-862 Missing Authorization",
99+
"lang": "en",
100+
"type": "CWE"
101+
}
102+
]
103+
}
104+
],
105+
"providerMetadata": {
106+
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
107+
"shortName": "Patchstack",
108+
"dateUpdated": "2024-12-31T13:35:46.941Z"
109+
},
110+
"references": [
111+
{
112+
"tags": [
113+
"vdb-entry"
114+
],
115+
"url": "https://patchstack.com/database/wordpress/plugin/indeed-wp-superbackup/vulnerability/wordpress-wp-superbackup-plugin-2-3-3-multiple-subscriber-broken-access-control-vulnerabilities?_s_id=cve"
116+
}
117+
],
118+
"solutions": [
119+
{
120+
"lang": "en",
121+
"supportingMedia": [
122+
{
123+
"base64": false,
124+
"type": "text/html",
125+
"value": "Update the WordPress WP SuperBackup plugin to the latest available version (at least 2.4)."
126+
}
127+
],
128+
"value": "Update the WordPress WP SuperBackup plugin to the latest available version (at least 2.4)."
129+
}
130+
],
131+
"source": {
132+
"discovery": "EXTERNAL"
133+
},
134+
"title": "WordPress WP SuperBackup plugin <= 2.3.3 - Multiple Subscriber+ Broken Access Control vulnerabilities",
135+
"x_generator": {
136+
"engine": "Vulnogram 0.2.0"
137+
}
138+
}
139+
}
140+
}

cves/delta.json

Lines changed: 7 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,14 @@
11
{
2-
"fetchTime": "2024-12-31T13:35:31.446Z",
3-
"numberOfChanges": 3,
2+
"fetchTime": "2024-12-31T13:41:31.100Z",
3+
"numberOfChanges": 1,
44
"new": [
55
{
6-
"cveId": "CVE-2024-56206",
7-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56206",
8-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56206.json",
9-
"dateUpdated": "2024-12-31T13:29:47.586Z"
10-
},
11-
{
12-
"cveId": "CVE-2024-56207",
13-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56207",
14-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56207.json",
15-
"dateUpdated": "2024-12-31T13:33:48.728Z"
16-
}
17-
],
18-
"updated": [
19-
{
20-
"cveId": "CVE-2024-56017",
21-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56017",
22-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56017.json",
23-
"dateUpdated": "2024-12-31T13:34:30.605Z"
6+
"cveId": "CVE-2024-56070",
7+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56070",
8+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56070.json",
9+
"dateUpdated": "2024-12-31T13:35:46.941Z"
2410
}
2511
],
12+
"updated": [],
2613
"error": []
2714
}

cves/deltaLog.json

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,18 @@
11
[
2+
{
3+
"fetchTime": "2024-12-31T13:41:31.100Z",
4+
"numberOfChanges": 1,
5+
"new": [
6+
{
7+
"cveId": "CVE-2024-56070",
8+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56070",
9+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56070.json",
10+
"dateUpdated": "2024-12-31T13:35:46.941Z"
11+
}
12+
],
13+
"updated": [],
14+
"error": []
15+
},
216
{
317
"fetchTime": "2024-12-31T13:35:31.446Z",
418
"numberOfChanges": 3,

0 commit comments

Comments
 (0)