Auto-merge PR#1868

2025-08-04 08:44:25 +00:00 · 2021-06-01 10:05:17 -04:00 · 2021-06-01 10:05:17 -04:00 · 0887b59163
commit 0887b59163
parent 51850cd12a cdf2e5ab78
1 changed files with 96 additions and 15 deletions
--- a/2021/29xxx/CVE-2021-29740.json
+++ b/2021/29xxx/CVE-2021-29740.json
@ -1,18 +1,99 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
-    "CVE_data_meta": {
-        "ID": "CVE-2021-29740",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
-    },
-    "description": {
-        "description_data": [
+   "impact" : {
+      "cvssv3" : {
+         "TM" : {
+            "RL" : "O",
+            "E" : "U",
+            "RC" : "C"
+         },
+         "BM" : {
+            "I" : "H",
+            "S" : "U",
+            "AC" : "L",
+            "A" : "H",
+            "PR" : "N",
+            "C" : "H",
+            "AV" : "L",
+            "SCORE" : "8.400",
+            "UI" : "N"
+         }
+      }
+   },
+   "data_version" : "4.0",
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "Gain Privileges"
+               }
+            ]
+         }
+      ]
+   },
+   "CVE_data_meta" : {
+      "ID" : "CVE-2021-29740",
+      "ASSIGNER" : "psirt@us.ibm.com",
+      "DATE_PUBLIC" : "2021-05-31T00:00:00",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
            {
-                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+               "vendor_name" : "IBM",
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "Spectrum Scale",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "5.0.0"
+                              },
+                              {
+                                 "version_value" : "5.1.0"
+                              },
+                              {
+                                 "version_value" : "5.0.5.6"
+                              },
+                              {
+                                 "version_value" : "5.1.0.3"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               }
            }
-        ]
-    }
-}
+         ]
+      }
+   },
+   "data_type" : "CVE",
+   "description" : {
+      "description_data" : [
+         {
+            "value" : "IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access.  IBM X-Force ID:  201474.",
+            "lang" : "eng"
+         }
+      ]
+   },
+   "data_format" : "MITRE",
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "https://www.ibm.com/support/pages/node/6457629",
+            "refsource" : "CONFIRM",
+            "name" : "https://www.ibm.com/support/pages/node/6457629",
+            "title" : "IBM Security Bulletin 6457629 (Spectrum Scale)"
+         },
+         {
+            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201474",
+            "title" : "X-Force Vulnerability Report",
+            "name" : "ibm-spectrum-cve202129740-priv-escalation (201474)",
+            "refsource" : "XF"
+         }
+      ]
+   }
+}