From 0b637f95c36972f4178aa3023609e91df7496a7f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 25 May 2021 14:00:43 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/27xxx/CVE-2021-27821.json | 61 ++++++++++++++++++++++++++++++---- 2021/27xxx/CVE-2021-27823.json | 61 ++++++++++++++++++++++++++++++---- 2021/29xxx/CVE-2021-29201.json | 56 +++++++++++++++++++++++++++++-- 2021/29xxx/CVE-2021-29202.json | 56 +++++++++++++++++++++++++++++-- 2021/29xxx/CVE-2021-29204.json | 56 +++++++++++++++++++++++++++++-- 2021/29xxx/CVE-2021-29205.json | 56 +++++++++++++++++++++++++++++-- 2021/29xxx/CVE-2021-29206.json | 56 +++++++++++++++++++++++++++++-- 2021/29xxx/CVE-2021-29207.json | 56 +++++++++++++++++++++++++++++-- 2021/33xxx/CVE-2021-33425.json | 56 +++++++++++++++++++++++++++---- 2021/3xxx/CVE-2021-3565.json | 18 ++++++++++ 10 files changed, 496 insertions(+), 36 deletions(-) create mode 100644 2021/3xxx/CVE-2021-3565.json diff --git a/2021/27xxx/CVE-2021-27821.json b/2021/27xxx/CVE-2021-27821.json index 437056c00dc..8e72060687d 100644 --- a/2021/27xxx/CVE-2021-27821.json +++ b/2021/27xxx/CVE-2021-27821.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-27821", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-27821", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Web Interface for OpenWRT LuCI version 19.07 and lower has been discovered to have a cross-site scripting vulnerability which can lead to attackers carrying out arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://openwrt.com", + "refsource": "MISC", + "name": "http://openwrt.com" + }, + { + "url": "http://openwrtorg.com", + "refsource": "MISC", + "name": "http://openwrtorg.com" } ] } diff --git a/2021/27xxx/CVE-2021-27823.json b/2021/27xxx/CVE-2021-27823.json index d985e663b6a..8e3c096c1bc 100644 --- a/2021/27xxx/CVE-2021-27823.json +++ b/2021/27xxx/CVE-2021-27823.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-27823", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-27823", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An information disclosure vulnerability was discovered in /index.class.php (via port 8181) on NetWave System 1.0 which allows unauthenticated attackers to exfiltrate sensitive information from the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netwavesystem.net/", + "refsource": "MISC", + "name": "https://www.netwavesystem.net/" + }, + { + "url": "https://www.mediateknet.net/", + "refsource": "MISC", + "name": "https://www.mediateknet.net/" } ] } diff --git a/2021/29xxx/CVE-2021-29201.json b/2021/29xxx/CVE-2021-29201.json index c9c7ca5f1c3..82f5c8dac14 100644 --- a/2021/29xxx/CVE-2021-29201.json +++ b/2021/29xxx/CVE-2021-29201.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29201", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers", + "version": { + "version_data": [ + { + "version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78" + }, + { + "version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44" + }, + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote xss" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78." } ] } diff --git a/2021/29xxx/CVE-2021-29202.json b/2021/29xxx/CVE-2021-29202.json index 12dc5860b65..b812f8abdf3 100644 --- a/2021/29xxx/CVE-2021-29202.json +++ b/2021/29xxx/CVE-2021-29202.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29202", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers", + "version": { + "version_data": [ + { + "version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78" + }, + { + "version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44" + }, + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78." } ] } diff --git a/2021/29xxx/CVE-2021-29204.json b/2021/29xxx/CVE-2021-29204.json index 3fabca9802e..7d17db4ffe3 100644 --- a/2021/29xxx/CVE-2021-29204.json +++ b/2021/29xxx/CVE-2021-29204.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29204", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers", + "version": { + "version_data": [ + { + "version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78" + }, + { + "version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44" + }, + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote xss" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78." } ] } diff --git a/2021/29xxx/CVE-2021-29205.json b/2021/29xxx/CVE-2021-29205.json index 0f18c22f67f..d5d357c1c81 100644 --- a/2021/29xxx/CVE-2021-29205.json +++ b/2021/29xxx/CVE-2021-29205.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29205", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers", + "version": { + "version_data": [ + { + "version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78" + }, + { + "version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44" + }, + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote xss" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78." } ] } diff --git a/2021/29xxx/CVE-2021-29206.json b/2021/29xxx/CVE-2021-29206.json index 51bc3f33851..28312c7af49 100644 --- a/2021/29xxx/CVE-2021-29206.json +++ b/2021/29xxx/CVE-2021-29206.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29206", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers", + "version": { + "version_data": [ + { + "version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78" + }, + { + "version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44" + }, + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote xss" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78." } ] } diff --git a/2021/29xxx/CVE-2021-29207.json b/2021/29xxx/CVE-2021-29207.json index 789a76cfbb7..db3e62d4993 100644 --- a/2021/29xxx/CVE-2021-29207.json +++ b/2021/29xxx/CVE-2021-29207.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29207", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers", + "version": { + "version_data": [ + { + "version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78" + }, + { + "version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44" + }, + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote xss" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78." } ] } diff --git a/2021/33xxx/CVE-2021-33425.json b/2021/33xxx/CVE-2021-33425.json index 6b452f2ee83..e86a3b3148c 100644 --- a/2021/33xxx/CVE-2021-33425.json +++ b/2021/33xxx/CVE-2021-33425.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-33425", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-33425", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stored cross-site scripting (XSS) vulnerability was discovered in the Web Interface for OpenWRT LuCI version 19.07 which allows attackers to inject arbitrary Javascript in the OpenWRT Hostname via the Hostname Change operation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://openwrt.com", + "refsource": "MISC", + "name": "http://openwrt.com" } ] } diff --git a/2021/3xxx/CVE-2021-3565.json b/2021/3xxx/CVE-2021-3565.json new file mode 100644 index 00000000000..929c84366b1 --- /dev/null +++ b/2021/3xxx/CVE-2021-3565.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3565", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file