From 01b8e0ae6bc75af390230f7ed8149aceda919018 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 28 Dec 2021 17:01:18 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/35xxx/CVE-2021-35031.json | 90 +++++++++++++++++++++++++++++++++- 2021/36xxx/CVE-2021-36750.json | 5 ++ 2021/44xxx/CVE-2021-44228.json | 44 +++++++---------- 2021/45xxx/CVE-2021-45105.json | 37 +++++--------- 4 files changed, 122 insertions(+), 54 deletions(-) diff --git a/2021/35xxx/CVE-2021-35031.json b/2021/35xxx/CVE-2021-35031.json index d315c33cf16..6ce81cc268b 100644 --- a/2021/35xxx/CVE-2021-35031.json +++ b/2021/35xxx/CVE-2021-35031.json @@ -1 +1,89 @@ -{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"PSIRT@zyxel.com.tw","ID":"CVE-2021-35031","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Zyxel","product":{"product_data":[{"product_name":"GS1900 series firmware","version":{"version_data":[{"version_value":"2.60"}]}},{"product_name":"XGS1210 series firmware","version":{"version_data":[{"version_value":"1.00(ABTY.4)C0"}]}},{"product_name":"XGS1250 series firmware","version":{"version_data":[{"version_value":"1.00(ABWE.0)C0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}]},"references":{"reference_data":[{"refsource":"CONFIRM","name":"https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml","url":"https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml"}]},"impact":{"cvss":{"baseScore":"6.8","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},"description":{"description_data":[{"lang":"eng","value":"A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device."}]}} \ No newline at end of file +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "security@zyxel.com.tw", + "ID": "CVE-2021-35031", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Zyxel", + "product": { + "product_data": [ + { + "product_name": "GS1900 series firmware", + "version": { + "version_data": [ + { + "version_value": "2.60" + } + ] + } + }, + { + "product_name": "XGS1210 series firmware", + "version": { + "version_data": [ + { + "version_value": "1.00(ABTY.4)C0" + } + ] + } + }, + { + "product_name": "XGS1250 series firmware", + "version": { + "version_data": [ + { + "version_value": "1.00(ABWE.0)C0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml", + "url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_OS_command_injection_vulnerabilities_of_switches.shtml" + } + ] + }, + "impact": { + "cvss": { + "baseScore": "6.8", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36750.json b/2021/36xxx/CVE-2021-36750.json index b34b74ae4c4..59327774ad9 100644 --- a/2021/36xxx/CVE-2021-36750.json +++ b/2021/36xxx/CVE-2021-36750.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software", "url": "https://encsecurity.zendesk.com/hc/en-us/articles/4413283717265-Update-for-ENC-Software" + }, + { + "refsource": "MISC", + "name": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update", + "url": "https://www.westerndigital.com/en-ap/support/product-security/wdc-21014-sandisk-secureaccess-software-update" } ] } diff --git a/2021/44xxx/CVE-2021-44228.json b/2021/44xxx/CVE-2021-44228.json index 131b74c09fe..f99594fdb9a 100644 --- a/2021/44xxx/CVE-2021-44228.json +++ b/2021/44xxx/CVE-2021-44228.json @@ -68,7 +68,7 @@ "description_data": [ { "lang": "eng", - "value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed.\n\nNote that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.\n\n\n" + "value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects." } ] }, @@ -245,6 +245,16 @@ "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, + { + "refsource": "CISCO", + "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", + "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" + }, { "refsource": "MISC", "name": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html", @@ -270,21 +280,16 @@ "name": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html", "url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html" }, - { - "refsource": "CISCO", - "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", - "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack", - "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" - }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-66d6c484f3", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/" + }, { "refsource": "MISC", "name": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html", @@ -299,25 +304,10 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-66d6c484f3", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5c9d12a93e", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-abbe24e41c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2021/45xxx/CVE-2021-45105.json b/2021/45xxx/CVE-2021-45105.json index 45b976d414e..290026964e3 100644 --- a/2021/45xxx/CVE-2021-45105.json +++ b/2021/45xxx/CVE-2021-45105.json @@ -122,11 +122,6 @@ "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211218-0001/", - "url": "https://security.netapp.com/advisory/ntap-20211218-0001/" - }, { "refsource": "MLIST", "name": "[oss-security] 20211218 CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation", @@ -137,6 +132,16 @@ "name": "DSA-5024", "url": "https://www.debian.org/security/2021/dsa-5024" }, + { + "refsource": "CONFIRM", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211218-0001/", + "url": "https://security.netapp.com/advisory/ntap-20211218-0001/" + }, { "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/", @@ -146,26 +151,6 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf" - }, - { - "refsource": "CONFIRM", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211226 [SECURITY] [DLA 2852-1] apache-log4j2 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-5c9d12a93e", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-abbe24e41c", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/" } ] }, @@ -181,4 +166,4 @@ "value": "Implement one of the following mitigation techniques:\n\n* Java 8 (or later) users should upgrade to release 2.17.0.\n\nAlternatively, this can be mitigated in configuration:\n\n* In PatternLayout in the logging configuration, replace Context Lookups like `${ctx:loginId}` or `$${ctx:loginId}` with Thread Context Map patterns (%X, %mdc, or %MDC).\n* Otherwise, in the configuration, remove references to Context Lookups like `${ctx:loginId}` or `$${ctx:loginId}` where they originate \nfrom sources external to the application such as HTTP headers or user input." } ] -} +} \ No newline at end of file