Update CVE-2023-51608.json

cisagov / vulnrichment

A repo to conduct vulnerability enrichment.

Creative Commons Zero v1.0 Universal

462 stars 35 forks source link

Update CVE-2023-51608.json #30

Closed patrickmgarrity closed 4 months ago

patrickmgarrity commented 4 months ago

Issue was resolved with version 5.0.0.19 which was found here: https://docshield.tungstenautomation.com/PowerPDF/en_US/5.0.0-3uoz7ssq2b/print/ReadMe-KofaxPowerPDFAdvanced-5.0.0.19.htm

CPE corrected to reflect the proper versions affected

jwoytek-cisa commented 4 months ago

@patrickmgarrity Thanks for this report. There are maybe a few things going on here. Among them, the data in the CVE says that it affects versions "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021," which is perhaps incorrect. Additionally, ZDI did not update the CVE when they updated their advisory, so the updated version information didn't get in front of our analysts. I would recommend taking this up with the CNA.

patrickmgarrity commented 4 months ago

Thanks! I did report this to the ZDI and they are planning on fixing this.