mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
ecee97f79c
commit
16c93ac0aa
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_version" : "4.0",
|
||||
"CVE_data_meta" : {
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2021-29806",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"STATE": "PUBLIC",
|
||||
"ID": "CVE-2021-29806",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "Tivoli Netcool/OMNIbus",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204264",
|
||||
"name" : "ibm-tivoli-cve202129806-xss (204264)",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"RL" : "O",
|
||||
"RC" : "C",
|
||||
"E" : "U"
|
||||
},
|
||||
"BM" : {
|
||||
"C" : "L",
|
||||
"PR" : "L",
|
||||
"AV" : "N",
|
||||
"AC" : "L",
|
||||
"I" : "L",
|
||||
"UI" : "N",
|
||||
"SCORE" : "5.400",
|
||||
"A" : "N",
|
||||
"S" : "U"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204264.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Tivoli Netcool/OMNIbus",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource": "CONFIRM",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204264",
|
||||
"name": "ibm-tivoli-cve202129806-xss (204264)",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"RL": "O",
|
||||
"RC": "C",
|
||||
"E": "U"
|
||||
},
|
||||
"BM": {
|
||||
"C": "L",
|
||||
"PR": "L",
|
||||
"AV": "N",
|
||||
"AC": "L",
|
||||
"I": "L",
|
||||
"UI": "N",
|
||||
"SCORE": "5.400",
|
||||
"A": "N",
|
||||
"S": "U"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204264.",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE"
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204265."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RC" : "C",
|
||||
"RL" : "O"
|
||||
},
|
||||
"BM" : {
|
||||
"S" : "C",
|
||||
"UI" : "N",
|
||||
"SCORE" : "6.400",
|
||||
"A" : "N",
|
||||
"AV" : "N",
|
||||
"AC" : "L",
|
||||
"I" : "L",
|
||||
"C" : "L",
|
||||
"PR" : "L"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204265",
|
||||
"refsource" : "XF",
|
||||
"name" : "ibm-tivoli-cve202129807-xss (204265)",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_type": "CVE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204265."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Cross-Site Scripting",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"E": "U",
|
||||
"RC": "C",
|
||||
"RL": "O"
|
||||
},
|
||||
"BM": {
|
||||
"S": "C",
|
||||
"UI": "N",
|
||||
"SCORE": "6.400",
|
||||
"A": "N",
|
||||
"AV": "N",
|
||||
"AC": "L",
|
||||
"I": "L",
|
||||
"C": "L",
|
||||
"PR": "L"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204265",
|
||||
"refsource": "XF",
|
||||
"name": "ibm-tivoli-cve202129807-xss (204265)",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"CVE_data_meta" : {
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"ID" : "CVE-2021-29807",
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"data_version" : "4.0"
|
||||
}
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"value": "Cross-Site Scripting",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"CVE_data_meta": {
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"ID": "CVE-2021-29807",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"data_version": "4.0"
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204269",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"name" : "ibm-tivoli-cve202129808-xss (204269)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"AV" : "N",
|
||||
"AC" : "L",
|
||||
"I" : "L",
|
||||
"C" : "L",
|
||||
"PR" : "L",
|
||||
"S" : "C",
|
||||
"UI" : "N",
|
||||
"SCORE" : "6.400",
|
||||
"A" : "N"
|
||||
},
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RL" : "O",
|
||||
"RC" : "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204269",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"name": "ibm-tivoli-cve202129808-xss (204269)"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204269."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Cross-Site Scripting",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"AV": "N",
|
||||
"AC": "L",
|
||||
"I": "L",
|
||||
"C": "L",
|
||||
"PR": "L",
|
||||
"S": "C",
|
||||
"UI": "N",
|
||||
"SCORE": "6.400",
|
||||
"A": "N"
|
||||
},
|
||||
"TM": {
|
||||
"E": "U",
|
||||
"RL": "O",
|
||||
"RC": "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"ID" : "CVE-2021-29808",
|
||||
"STATE" : "PUBLIC"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204269."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version": "4.0",
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"value": "Cross-Site Scripting",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"ID": "CVE-2021-29808",
|
||||
"STATE": "PUBLIC"
|
||||
}
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_version" : "4.0",
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2021-29809"
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Cross-Site Scripting",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"STATE": "PUBLIC",
|
||||
"ID": "CVE-2021-29809"
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "Tivoli Netcool/OMNIbus",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"description": [
|
||||
{
|
||||
"value": "Cross-Site Scripting",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"UI" : "N",
|
||||
"A" : "N",
|
||||
"SCORE" : "6.400",
|
||||
"S" : "C",
|
||||
"C" : "L",
|
||||
"PR" : "L",
|
||||
"AC" : "L",
|
||||
"AV" : "N",
|
||||
"I" : "L"
|
||||
},
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RC" : "C",
|
||||
"RL" : "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource" : "CONFIRM",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204270",
|
||||
"name" : "ibm-tivoli-cve202129809-xss (204270)",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204270.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Tivoli Netcool/OMNIbus",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"UI": "N",
|
||||
"A": "N",
|
||||
"SCORE": "6.400",
|
||||
"S": "C",
|
||||
"C": "L",
|
||||
"PR": "L",
|
||||
"AC": "L",
|
||||
"AV": "N",
|
||||
"I": "L"
|
||||
},
|
||||
"TM": {
|
||||
"E": "U",
|
||||
"RC": "C",
|
||||
"RL": "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204270",
|
||||
"name": "ibm-tivoli-cve202129809-xss (204270)",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204270.",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE"
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"name" : "ibm-tivoli-cve202129811-info-disc (204329)",
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204329"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"RC" : "U",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
},
|
||||
"BM" : {
|
||||
"S" : "U",
|
||||
"UI" : "N",
|
||||
"A" : "N",
|
||||
"SCORE" : "4.900",
|
||||
"AC" : "L",
|
||||
"AV" : "N",
|
||||
"I" : "N",
|
||||
"C" : "H",
|
||||
"PR" : "H"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials in plain clear text which can be read by an authenticated admin user. IBM X-Force ID: 204329."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"CVE_data_meta" : {
|
||||
"ID" : "CVE-2021-29811",
|
||||
"STATE" : "PUBLIC",
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Obtain Information",
|
||||
"lang" : "eng"
|
||||
}
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"name": "ibm-tivoli-cve202129811-info-disc (204329)",
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204329"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"RC": "U",
|
||||
"RL": "O",
|
||||
"E": "U"
|
||||
},
|
||||
"BM": {
|
||||
"S": "U",
|
||||
"UI": "N",
|
||||
"A": "N",
|
||||
"SCORE": "4.900",
|
||||
"AC": "L",
|
||||
"AV": "N",
|
||||
"I": "N",
|
||||
"C": "H",
|
||||
"PR": "H"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials in plain clear text which can be read by an authenticated admin user. IBM X-Force ID: 204329."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-29811",
|
||||
"STATE": "PUBLIC",
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"ASSIGNER": "psirt@us.ibm.com"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"value": "Obtain Information",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"CVE_data_meta" : {
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2021-29817",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Cross-Site Scripting",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204343."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"CVE_data_meta": {
|
||||
"STATE": "PUBLIC",
|
||||
"ID": "CVE-2021-29817",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
}
|
||||
"description": [
|
||||
{
|
||||
"value": "Cross-Site Scripting",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"UI" : "R",
|
||||
"A" : "N",
|
||||
"SCORE" : "5.400",
|
||||
"S" : "C",
|
||||
"C" : "L",
|
||||
"PR" : "L",
|
||||
"AC" : "L",
|
||||
"AV" : "N",
|
||||
"I" : "L"
|
||||
},
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "H"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource" : "CONFIRM",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-tivoli-cve202129817-xss (204343)",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204343",
|
||||
"refsource" : "XF"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204343."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"UI": "R",
|
||||
"A": "N",
|
||||
"SCORE": "5.400",
|
||||
"S": "C",
|
||||
"C": "L",
|
||||
"PR": "L",
|
||||
"AC": "L",
|
||||
"AV": "N",
|
||||
"I": "L"
|
||||
},
|
||||
"TM": {
|
||||
"RC": "C",
|
||||
"RL": "O",
|
||||
"E": "H"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"name": "ibm-tivoli-cve202129817-xss (204343)",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204343",
|
||||
"refsource": "XF"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"E" : "H",
|
||||
"RC" : "C",
|
||||
"RL" : "O"
|
||||
},
|
||||
"BM" : {
|
||||
"SCORE" : "5.400",
|
||||
"A" : "N",
|
||||
"UI" : "R",
|
||||
"S" : "C",
|
||||
"PR" : "L",
|
||||
"C" : "L",
|
||||
"I" : "L",
|
||||
"AV" : "N",
|
||||
"AC" : "L"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204345",
|
||||
"refsource" : "XF",
|
||||
"name" : "ibm-tivoli-cve202129818-xss (204345)",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "Tivoli Netcool/OMNIbus",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"E": "H",
|
||||
"RC": "C",
|
||||
"RL": "O"
|
||||
},
|
||||
"BM": {
|
||||
"SCORE": "5.400",
|
||||
"A": "N",
|
||||
"UI": "R",
|
||||
"S": "C",
|
||||
"PR": "L",
|
||||
"C": "L",
|
||||
"I": "L",
|
||||
"AV": "N",
|
||||
"AC": "L"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204345."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Cross-Site Scripting",
|
||||
"lang" : "eng"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204345",
|
||||
"refsource": "XF",
|
||||
"name": "ibm-tivoli-cve202129818-xss (204345)",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Tivoli Netcool/OMNIbus",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"CVE_data_meta" : {
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"ID" : "CVE-2021-29818",
|
||||
"STATE" : "PUBLIC"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204345."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_version": "4.0",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"value": "Cross-Site Scripting",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"CVE_data_meta": {
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"ID": "CVE-2021-29818",
|
||||
"STATE": "PUBLIC"
|
||||
}
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"PR" : "L",
|
||||
"C" : "L",
|
||||
"I" : "L",
|
||||
"AV" : "N",
|
||||
"AC" : "L",
|
||||
"SCORE" : "5.400",
|
||||
"A" : "N",
|
||||
"UI" : "R",
|
||||
"S" : "C"
|
||||
},
|
||||
"TM" : {
|
||||
"E" : "H",
|
||||
"RC" : "C",
|
||||
"RL" : "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204346",
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"name" : "ibm-tivoli-cve202129819-xss (204346)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204346."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2021-29819"
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Cross-Site Scripting"
|
||||
}
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE"
|
||||
}
|
||||
}
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"PR": "L",
|
||||
"C": "L",
|
||||
"I": "L",
|
||||
"AV": "N",
|
||||
"AC": "L",
|
||||
"SCORE": "5.400",
|
||||
"A": "N",
|
||||
"UI": "R",
|
||||
"S": "C"
|
||||
},
|
||||
"TM": {
|
||||
"E": "H",
|
||||
"RC": "C",
|
||||
"RL": "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204346",
|
||||
"refsource": "XF",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"name": "ibm-tivoli-cve202129819-xss (204346)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204346."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"STATE": "PUBLIC",
|
||||
"ID": "CVE-2021-29819"
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE"
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204347."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"RL" : "O",
|
||||
"RC" : "C",
|
||||
"E" : "H"
|
||||
},
|
||||
"BM" : {
|
||||
"C" : "L",
|
||||
"PR" : "L",
|
||||
"AC" : "L",
|
||||
"AV" : "N",
|
||||
"I" : "L",
|
||||
"UI" : "R",
|
||||
"A" : "N",
|
||||
"SCORE" : "5.400",
|
||||
"S" : "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-tivoli-cve202129820-xss (204347)",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204347"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_type": "CVE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"product_name" : "Tivoli Netcool/OMNIbus",
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204347."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"RL": "O",
|
||||
"RC": "C",
|
||||
"E": "H"
|
||||
},
|
||||
"BM": {
|
||||
"C": "L",
|
||||
"PR": "L",
|
||||
"AC": "L",
|
||||
"AV": "N",
|
||||
"I": "L",
|
||||
"UI": "R",
|
||||
"A": "N",
|
||||
"SCORE": "5.400",
|
||||
"S": "C"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"name": "ibm-tivoli-cve202129820-xss (204347)",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204347"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Tivoli Netcool/OMNIbus",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"STATE" : "PUBLIC",
|
||||
"ID" : "CVE-2021-29820",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00"
|
||||
},
|
||||
"data_version" : "4.0"
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"STATE": "PUBLIC",
|
||||
"ID": "CVE-2021-29820",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00"
|
||||
},
|
||||
"data_version": "4.0"
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta" : {
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"ID" : "CVE-2021-29821",
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204348."
|
||||
}
|
||||
]
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"refsource" : "CONFIRM",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204348",
|
||||
"refsource" : "XF",
|
||||
"name" : "ibm-tivoli-cve202129821-xss (204348)",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"E" : "H",
|
||||
"RC" : "C",
|
||||
"RL" : "O"
|
||||
},
|
||||
"BM" : {
|
||||
"S" : "C",
|
||||
"UI" : "R",
|
||||
"A" : "N",
|
||||
"SCORE" : "5.400",
|
||||
"AC" : "L",
|
||||
"AV" : "N",
|
||||
"I" : "L",
|
||||
"C" : "L",
|
||||
"PR" : "L"
|
||||
}
|
||||
}
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"CVE_data_meta": {
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"ID": "CVE-2021-29821",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204348."
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204348",
|
||||
"refsource": "XF",
|
||||
"name": "ibm-tivoli-cve202129821-xss (204348)",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"E": "H",
|
||||
"RC": "C",
|
||||
"RL": "O"
|
||||
},
|
||||
"BM": {
|
||||
"S": "C",
|
||||
"UI": "R",
|
||||
"A": "N",
|
||||
"SCORE": "5.400",
|
||||
"AC": "L",
|
||||
"AV": "N",
|
||||
"I": "L",
|
||||
"C": "L",
|
||||
"PR": "L"
|
||||
}
|
||||
}
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_version" : "4.0",
|
||||
"CVE_data_meta" : {
|
||||
"DATE_PUBLIC" : "2021-09-19T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"ID" : "CVE-2021-29856",
|
||||
"STATE" : "PUBLIC"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Denial of Service"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"DATE_PUBLIC": "2021-09-19T00:00:00",
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"ID": "CVE-2021-29856",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"vendor_name" : "IBM",
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
}
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Denial of Service"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
},
|
||||
"BM" : {
|
||||
"UI" : "N",
|
||||
"SCORE" : "6.500",
|
||||
"A" : "H",
|
||||
"S" : "U",
|
||||
"C" : "N",
|
||||
"PR" : "L",
|
||||
"AV" : "N",
|
||||
"AC" : "L",
|
||||
"I" : "N"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/205685",
|
||||
"refsource" : "XF",
|
||||
"name" : "ibm-tivoli-cve202129856-dos (205685)",
|
||||
"title" : "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE"
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.1.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Tivoli Netcool/OMNIbus"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"TM": {
|
||||
"RC": "C",
|
||||
"RL": "O",
|
||||
"E": "U"
|
||||
},
|
||||
"BM": {
|
||||
"UI": "N",
|
||||
"SCORE": "6.500",
|
||||
"A": "H",
|
||||
"S": "U",
|
||||
"C": "N",
|
||||
"PR": "L",
|
||||
"AV": "N",
|
||||
"AC": "L",
|
||||
"I": "N"
|
||||
}
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6490747",
|
||||
"refsource": "CONFIRM",
|
||||
"title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490747"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/205685",
|
||||
"refsource": "XF",
|
||||
"name": "ibm-tivoli-cve202129856-dos (205685)",
|
||||
"title": "X-Force Vulnerability Report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685."
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type": "CVE"
|
||||
}
|
||||
@ -1,90 +1,90 @@
|
||||
{
|
||||
"data_version" : "4.0",
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"value" : "Obtain Information",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"CVE_data_meta" : {
|
||||
"ID" : "CVE-2021-38899",
|
||||
"STATE" : "PUBLIC",
|
||||
"DATE_PUBLIC" : "2021-09-17T00:00:00",
|
||||
"ASSIGNER" : "psirt@us.ibm.com"
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"url" : "https://www.ibm.com/support/pages/node/6490435",
|
||||
"refsource" : "CONFIRM",
|
||||
"name" : "https://www.ibm.com/support/pages/node/6490435",
|
||||
"title" : "IBM Security Bulletin 6490435 (Cloud Pak for Data)"
|
||||
},
|
||||
{
|
||||
"name" : "ibm-cp4d-cve202138899-info-disc (209575)",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/209575"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"S" : "U",
|
||||
"A" : "N",
|
||||
"SCORE" : "4.400",
|
||||
"UI" : "N",
|
||||
"I" : "N",
|
||||
"AC" : "L",
|
||||
"AV" : "L",
|
||||
"PR" : "H",
|
||||
"C" : "H"
|
||||
},
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RC" : "C",
|
||||
"RL" : "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
"data_version": "4.0",
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "2.5"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Cloud Pak for Data"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
"description": [
|
||||
{
|
||||
"value": "Obtain Information",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-38899",
|
||||
"STATE": "PUBLIC",
|
||||
"DATE_PUBLIC": "2021-09-17T00:00:00",
|
||||
"ASSIGNER": "psirt@us.ibm.com"
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/6490435",
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.ibm.com/support/pages/node/6490435",
|
||||
"title": "IBM Security Bulletin 6490435 (Cloud Pak for Data)"
|
||||
},
|
||||
{
|
||||
"name": "ibm-cp4d-cve202138899-info-disc (209575)",
|
||||
"title": "X-Force Vulnerability Report",
|
||||
"refsource": "XF",
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209575"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvssv3": {
|
||||
"BM": {
|
||||
"S": "U",
|
||||
"A": "N",
|
||||
"SCORE": "4.400",
|
||||
"UI": "N",
|
||||
"I": "N",
|
||||
"AC": "L",
|
||||
"AV": "L",
|
||||
"PR": "H",
|
||||
"C": "H"
|
||||
},
|
||||
"TM": {
|
||||
"E": "U",
|
||||
"RC": "C",
|
||||
"RL": "O"
|
||||
}
|
||||
}
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "2.5"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name": "Cloud Pak for Data"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_type": "CVE",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -52,6 +52,11 @@
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20210918 Linux Kernel: Exploitable vulnerability in io_uring",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/09/18/2"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://www.openwall.com/lists/oss-security/2021/09/18/2",
|
||||
@ -61,11 +66,6 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc",
|
||||
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://twitter.com/HenkPoley/status/1439877969548390400",
|
||||
"url": "https://twitter.com/HenkPoley/status/1439877969548390400"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user