metadata validation fixes #308 #307 #306 #302

2026-02-21 11:18:06 +00:00 · 2024-03-05 15:58:14 +00:00
parent 291692630a
commit 862c1f20e1
3 changed files with 24 additions and 24 deletions
--- a/modules/vulnerabilities/unix/local/sudo_baron/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/local/sudo_baron/secgen_metadata.xml
@@ -28,6 +28,13 @@
        <generator type="filename_generator" />
    </default_input>

+    <cve>CVE-2021-3156</cve>
+    <cvss_base_score>7</cvss_base_score>
+    <cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>
+    <reference>https://nvd.nist.gov/vuln/detail/CVE-2023-22809</reference>
+    <software_name>Sudo</software_name>
+    <software_license>Misc</software_license>
+
    <conflict>
        <name>.*Stretch.*</name>
    </conflict>
@@ -41,13 +48,6 @@
        <name>.*Ubuntu.*</name>
    </conflict>

-    <cve>CVE-2021-3156</cve>
-    <cvss_base_score>7</cvss_base_score>
-    <cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>
-    <reference>https://nvd.nist.gov/vuln/detail/CVE-2023-22809</reference>
-    <software_name>Sudo</software_name>
-    <software_license>Misc</software_license>
-
    <CyBOK KA="MAT" topic="Attacks and exploitation">
        <keyword>EXPLOITATION</keyword>
        <keyword>EXPLOITATION FRAMEWORKS</keyword>
@@ -65,4 +65,4 @@
    <CyBOK KA="MAT" topic="Malicious Activities by Malware">
        <keyword>cyber kill chain</keyword>
    </CyBOK>
-</vulnerability>
+</vulnerability>
--- a/modules/vulnerabilities/unix/local/sudobypass/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/local/sudobypass/secgen_metadata.xml
@@ -37,6 +37,13 @@
        <value>tiaspbiqe2r</value>
    </default_input>

+    <cve>CVE-2019-14287</cve>
+    <cvss_base_score>8</cvss_base_score>
+    <cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>
+    <reference>https://www.exploit-db.com/exploits/47502</reference>
+    <software_name>Sudo</software_name>
+    <software_license>Misc</software_license>
+
    <conflict>
        <name>.*Stretch.*</name>
    </conflict>
@@ -50,13 +57,6 @@
        <name>.*Ubuntu.*</name>
    </conflict>

-    <cve>CVE-2019-14287</cve>
-    <cvss_base_score>8</cvss_base_score>
-    <cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>
-    <reference>https://www.exploit-db.com/exploits/47502</reference>
-    <software_name>Sudo</software_name>
-    <software_license>Misc</software_license>
-
    <CyBOK KA="MAT" topic="Attacks and exploitation">
        <keyword>EXPLOITATION</keyword>
        <keyword>EXPLOITATION FRAMEWORKS</keyword>
@@ -74,4 +74,4 @@
    <CyBOK KA="MAT" topic="Malicious Activities by Malware">
        <keyword>cyber kill chain</keyword>
    </CyBOK>
-</vulnerability>
+</vulnerability>
--- a/modules/vulnerabilities/unix/local/sudoedit/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/local/sudoedit/secgen_metadata.xml
@@ -39,6 +39,13 @@
        <value>tiaspbiqe2r</value>
    </default_input>

+    <cve>CVE-2023-22809</cve>
+    <cvss_base_score>7</cvss_base_score>
+    <cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>
+    <reference>https://nvd.nist.gov/vuln/detail/CVE-2023-22809</reference>
+    <software_name>Sudo</software_name>
+    <software_license>Misc</software_license>
+
    <conflict>
        <name>.*Stretch.*</name>
    </conflict>
@@ -52,13 +59,6 @@
        <name>.*Ubuntu.*</name>
    </conflict>

-    <cve>CVE-2023-22809</cve>
-    <cvss_base_score>7</cvss_base_score>
-    <cvss_vector>AV:N/AC:L/Au:N/C:C/I:C/A:C</cvss_vector>
-    <reference>https://nvd.nist.gov/vuln/detail/CVE-2023-22809</reference>
-    <software_name>Sudo</software_name>
-    <software_license>Misc</software_license>
-
    <CyBOK KA="MAT" topic="Attacks and exploitation">
        <keyword>EXPLOITATION</keyword>
        <keyword>EXPLOITATION FRAMEWORKS</keyword>
@@ -76,4 +76,4 @@
    <CyBOK KA="MAT" topic="Malicious Activities by Malware">
        <keyword>cyber kill chain</keyword>
    </CyBOK>
-</vulnerability>
+</vulnerability>