[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Feb 14 08:16:29 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bbfdff00 by Salvatore Bonaccorso at 2023-02-14T09:15:38+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77,7 +77,7 @@ CVE-2023-0816
 CVE-2023-0815
 	RESERVED
 CVE-2023-0814 (The Profile Builder – User Profile & User Registration Forms ...)
-	TODO: check
+	NOT-FOR-US: Profile Builder – User Profile & User Registration Forms plugin for WordPress
 CVE-2023-0813
 	RESERVED
 CVE-2023-0812
@@ -475,7 +475,7 @@ CVE-2023-25616
 CVE-2023-25615
 	RESERVED
 CVE-2023-25614 (SAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-25613
 	RESERVED
 CVE-2023-0767
@@ -3398,25 +3398,25 @@ CVE-2020-36657 (uptimed before 0.4.6-r1 on Gentoo allows local users (with acces
 CVE-2018-25078 (man-db before 2.8.5 on Gentoo allows local users (with access to the m ...)
 	TODO: check
 CVE-2023-24530 (SAP BusinessObjects Business Intelligence Platform (CMC) - versions 42 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-24529 (Due to lack of proper input validation, BSP application (CRM_BSP_FRAME ...)
 	TODO: check
 CVE-2023-24528 (SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-24527
 	RESERVED
 CVE-2023-24526
 	RESERVED
 CVE-2023-24525 (SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-24524 (SAP S/4 HANA Map Treasury Correspondence Format Data does not perform  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-24523 (An attacker authenticated as a non-admin user with local access to a s ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-24522 (Due to insufficient input sanitization, SAP NetWeaver AS ABAP (Busines ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-24521 (Due to insufficient input sanitization, SAP NetWeaver AS ABAP (BSP Fra ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-24520
 	RESERVED
 CVE-2023-24519
@@ -5075,25 +5075,25 @@ CVE-2023-0399
 CVE-2023-0398 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
 	NOT-FOR-US: Modoboa
 CVE-2023-23860 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751,  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23859 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751,  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23858 (Due to insufficient input validation, SAP NetWeaver AS for ABAP and AB ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23857
 	RESERVED
 CVE-2023-23856 (In SAP BusinessObjects Business Intelligence (Web Intelligence user in ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23855 (SAP Solution Manager - version 720, allows an authenticated attacker t ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23854 (SAP NetWeaver Application Server for ABAP and ABAP Platform - versions ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23853 (An unauthenticated attacker in AP NetWeaver Application Server for ABA ...)
 	TODO: check
 CVE-2023-23852 (SAP Solution Manager (System Monitoring) - version 720, does not suffi ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23851 (SAP Business Planning and Consolidation - versions 200, 300, allows an ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-23850
 	RESERVED
 CVE-2023-23849 (Versions of Coverity Connect prior to 2022.12.0 are vulnerable to an u ...)
@@ -10990,9 +10990,9 @@ CVE-2022-43444
 CVE-2022-42702
 	RESERVED
 CVE-2023-0025 (SAP Solution Manager (BSP Application) - version 720, allows an authen ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-0024 (SAP Solution Manager (BSP Application) - version 720, allows an authen ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-0023 (In SAP Bank Account Management (Manage Banks) application, when a user ...)
 	NOT-FOR-US: SAP
 CVE-2023-0022 (SAP BusinessObjects Business Intelligence Analysis edition for OLAP al ...)
@@ -11213,9 +11213,9 @@ CVE-2023-22334 (Use of password hash instead of password for authentication vuln
 CVE-2023-22331 (Use of default credentials vulnerability in CONPROSYS HMI System (CHS) ...)
 	NOT-FOR-US: CONPROSYS
 CVE-2023-0020 (SAP BusinessObjects Business Intelligence platform - versions 420, 430 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-0019 (In SAP GRC (Process Control) - versions GRCFND_A V1200, GRCFND_A V8100 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2023-0018 (Due to improper input sanitization of user-controlled input in SAP Bus ...)
 	NOT-FOR-US: SAP
 CVE-2023-0017 (An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.5 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbfdff0093edb75e2074d313a542c3e7f8cd12d4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbfdff0093edb75e2074d313a542c3e7f8cd12d4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230214/4b00696d/attachment.htm>
