[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 12 16:04:22 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c8ce34c4 by Salvatore Bonaccorso at 2023-12-12T17:04:07+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2023-6727 (Mattermost fails to perform correct authorization checks when creating ...)
- mattermost-server <itp> (bug #823556)
CVE-2023-6593 (Client side permission bypass in Devolutions Remote Desktop Manager 20 ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2023-6547 (Mattermost fails to validate team membership when a user attempts to a ...)
- mattermost-server <itp> (bug #823556)
CVE-2023-6193 (quiche v. 0.15.0 through 0.19.0 was discovered to be vulnerable to unb ...)
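Review bot: the new tag for CVE-2023-6593 names only the vendor (`NOT-FOR-US: Devolutions`), while the description on the line above it identifies the product as Devolutions Remote Desktop Manager. Writing the tag as `NOT-FOR-US: Devolutions Remote Desktop Manager` would keep the entry self-explanatory wherever the truncated description is not shown next to it.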
@@ -40,53 +40,53 @@ CVE-2023-49874 (Mattermost fails to check whether a user is a guest when updatin
CVE-2023-49809 (Mattermost fails to handle a null request body in the /add endpoint, a ...)
- mattermost-server <itp> (bug #823556)
CVE-2023-49713 (Denial-of-service (DoS) vulnerability exists in NetBIOS service of HMI ...)
- TODO: check
+ NOT-FOR-US: NetBIOS service of HMI GC-A2 series
CVE-2023-49695 (OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS ...)
- TODO: check
+ NOT-FOR-US: Elecom
CVE-2023-49692 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (Al ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-49691 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (Al ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-49607 (Mattermost fails to validate the type of the "reminder" body request p ...)
- mattermost-server <itp> (bug #823556)
CVE-2023-49563 (Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro v.1.1 allow ...)
- TODO: check
+ NOT-FOR-US: Voltronic Power SNMP Web Pro
CVE-2023-49143 (Denial-of-service (DoS) vulnerability exists in rfe service of HMI GC- ...)
TODO: check
CVE-2023-49140 (Denial-of-service (DoS) vulnerability exists in commplex-link service ...)
TODO: check
CVE-2023-48677 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-48431 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-48430 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-48429 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-48428 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-48427 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-46701 (Mattermost fails to perform authorization checks in the /plugins/play ...)
- mattermost-server <itp> (bug #823556)
CVE-2023-46456 (In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inj ...)
- TODO: check
+ NOT-FOR-US: GL.iNET GL-AR300M routers
CVE-2023-46455 (In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to wr ...)
- TODO: check
+ NOT-FOR-US: GL.iNET GL-AR300M routers
CVE-2023-46454 (In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to i ...)
- TODO: check
+ NOT-FOR-US: GL.iNET GL-AR300M routers
CVE-2023-46285 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-46284 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-46283 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-46282 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-46281 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-46156 (Affected devices improperly handle specially crafted packets sent to p ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-45847 (Mattermost fails to to check the length when setting the title in a ru ...)
- mattermost-server <itp> (bug #823556)
CVE-2023-45316 (Mattermost fails to validate if a relative path is passed in /plugins/ ...)
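Review bot: CVE-2023-49143 and CVE-2023-49140 stay at `TODO: check` in the middle of this hunk, although their descriptions open with the same wording as CVE-2023-49713 ("Denial-of-service (DoS) vulnerability exists in ... service of HMI"), which this hunk tags NOT-FOR-US. If they concern the same product, they could be triaged in this commit as well; as it stands they are the only entries in the visible block that remain unprocessed. Separately, the tag `NOT-FOR-US: NetBIOS service of HMI GC-A2 series` leads with a generic service name, so naming only the product (`HMI GC-A2 series`) would make the tag easier to search for.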
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8ce34c47c650b6d7a690bbb8dc897d917be7773