From 16c93ac0aad762fdcc50ac381274b975b2b86c84 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 20 Sep 2021 17:01:05 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/29xxx/CVE-2021-29806.json | 174 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29807.json | 172 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29808.json | 172 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29809.json | 174 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29811.json | 176 ++++++++++++++++----------------- 2021/29xxx/CVE-2021-29817.json | 174 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29818.json | 174 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29819.json | 176 ++++++++++++++++----------------- 2021/29xxx/CVE-2021-29820.json | 172 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29821.json | 174 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29856.json | 174 ++++++++++++++++---------------- 2021/38xxx/CVE-2021-38899.json | 174 ++++++++++++++++---------------- 2021/41xxx/CVE-2021-41073.json | 10 +- 13 files changed, 1048 insertions(+), 1048 deletions(-) diff --git a/2021/29xxx/CVE-2021-29806.json b/2021/29xxx/CVE-2021-29806.json index 0a986ce5e18..5fff9383678 100644 --- a/2021/29xxx/CVE-2021-29806.json +++ b/2021/29xxx/CVE-2021-29806.json @@ -1,90 +1,90 @@ { - "data_version" : "4.0", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ID" : "CVE-2021-29806", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-09-19T00:00:00" - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2021-29806", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-09-19T00:00:00" + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Tivoli Netcool/OMNIbus", - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] } - ] - } - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6490747", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", - "name" : "https://www.ibm.com/support/pages/node/6490747" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204264", - "name" : "ibm-tivoli-cve202129806-xss (204264)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - }, - "BM" : { - "C" : "L", - "PR" : "L", - "AV" : "N", - "AC" : "L", - "I" : "L", - "UI" : "N", - "SCORE" : "5.400", - "A" : "N", - "S" : "U" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204264.", - "lang" : "eng" - } - ] - }, - "data_type" : "CVE" -} + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Tivoli Netcool/OMNIbus", + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6490747", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", + "name": "https://www.ibm.com/support/pages/node/6490747" + }, + { + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204264", + "name": "ibm-tivoli-cve202129806-xss (204264)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "RC": "C", + "E": "U" + }, + "BM": { + "C": "L", + "PR": "L", + "AV": "N", + "AC": "L", + "I": "L", + "UI": "N", + "SCORE": "5.400", + "A": "N", + "S": "U" + } + } + }, + "description": { + "description_data": [ + { + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204264.", + "lang": "eng" + } + ] + }, + "data_type": "CVE" +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29807.json b/2021/29xxx/CVE-2021-29807.json index c096c72f75b..c2a456f0f15 100644 --- a/2021/29xxx/CVE-2021-29807.json +++ b/2021/29xxx/CVE-2021-29807.json @@ -1,90 +1,90 @@ { - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204265." - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - }, - "BM" : { - "S" : "C", - "UI" : "N", - "SCORE" : "6.400", - "A" : "N", - "AV" : "N", - "AC" : "L", - "I" : "L", - "C" : "L", - "PR" : "L" - } - } - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6490747", - "name" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204265", - "refsource" : "XF", - "name" : "ibm-tivoli-cve202129807-xss (204265)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_type": "CVE", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - }, - "product_name" : "Tivoli Netcool/OMNIbus" - } - ] - }, - "vendor_name" : "IBM" + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204265." } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + }, + "BM": { + "S": "C", + "UI": "N", + "SCORE": "6.400", + "A": "N", + "AV": "N", + "AC": "L", + "I": "L", + "C": "L", + "PR": "L" + } + } + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6490747", + "name": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204265", + "refsource": "XF", + "name": "ibm-tivoli-cve202129807-xss (204265)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + }, + "product_name": "Tivoli Netcool/OMNIbus" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-29807", - "STATE" : "PUBLIC" - }, - "data_version" : "4.0" -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] + } + ] + }, + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2021-09-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-29807", + "STATE": "PUBLIC" + }, + "data_version": "4.0" +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29808.json b/2021/29xxx/CVE-2021-29808.json index d1c6dcf2402..9dd01ccd31f 100644 --- a/2021/29xxx/CVE-2021-29808.json +++ b/2021/29xxx/CVE-2021-29808.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6490747", - "name" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204269", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-tivoli-cve202129808-xss (204269)" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "AV" : "N", - "AC" : "L", - "I" : "L", - "C" : "L", - "PR" : "L", - "S" : "C", - "UI" : "N", - "SCORE" : "6.400", - "A" : "N" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - }, - "product_name" : "Tivoli Netcool/OMNIbus" - } - ] - }, - "vendor_name" : "IBM" + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6490747", + "name": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" + }, + { + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204269", + "title": "X-Force Vulnerability Report", + "name": "ibm-tivoli-cve202129808-xss (204269)" } - ] - } - }, - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204269." - } - ] - }, - "data_version" : "4.0", - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "AV": "N", + "AC": "L", + "I": "L", + "C": "L", + "PR": "L", + "S": "C", + "UI": "N", + "SCORE": "6.400", + "A": "N" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + }, + "product_name": "Tivoli Netcool/OMNIbus" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-29808", - "STATE" : "PUBLIC" - } -} + } + }, + "data_type": "CVE", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204269." + } + ] + }, + "data_version": "4.0", + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] + } + ] + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2021-09-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-29808", + "STATE": "PUBLIC" + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29809.json b/2021/29xxx/CVE-2021-29809.json index cd173b17e47..4415e99f90e 100644 --- a/2021/29xxx/CVE-2021-29809.json +++ b/2021/29xxx/CVE-2021-29809.json @@ -1,90 +1,90 @@ { - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "STATE" : "PUBLIC", - "ID" : "CVE-2021-29809" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-09-19T00:00:00", + "STATE": "PUBLIC", + "ID": "CVE-2021-29809" + }, + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Tivoli Netcool/OMNIbus", - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "BM" : { - "UI" : "N", - "A" : "N", - "SCORE" : "6.400", - "S" : "C", - "C" : "L", - "PR" : "L", - "AC" : "L", - "AV" : "N", - "I" : "L" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6490747", - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" - }, - { - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204270", - "name" : "ibm-tivoli-cve202129809-xss (204270)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204270.", - "lang" : "eng" - } - ] - }, - "data_type" : "CVE" -} + ] + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Tivoli Netcool/OMNIbus", + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "impact": { + "cvssv3": { + "BM": { + "UI": "N", + "A": "N", + "SCORE": "6.400", + "S": "C", + "C": "L", + "PR": "L", + "AC": "L", + "AV": "N", + "I": "L" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6490747", + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" + }, + { + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204270", + "name": "ibm-tivoli-cve202129809-xss (204270)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "description": { + "description_data": [ + { + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204270.", + "lang": "eng" + } + ] + }, + "data_type": "CVE" +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29811.json b/2021/29xxx/CVE-2021-29811.json index 87c3b3b3026..5133399b5f3 100644 --- a/2021/29xxx/CVE-2021-29811.json +++ b/2021/29xxx/CVE-2021-29811.json @@ -1,90 +1,90 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - }, - "product_name" : "Tivoli Netcool/OMNIbus" - } - ] - } - } - ] - } - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6490747", - "name" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-tivoli-cve202129811-info-disc (204329)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204329" - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "U", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "S" : "U", - "UI" : "N", - "A" : "N", - "SCORE" : "4.900", - "AC" : "L", - "AV" : "N", - "I" : "N", - "C" : "H", - "PR" : "H" - } - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials in plain clear text which can be read by an authenticated admin user. IBM X-Force ID: 204329." - } - ] - }, - "data_type" : "CVE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ID" : "CVE-2021-29811", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + }, + "product_name": "Tivoli Netcool/OMNIbus" + } + ] + } + } ] - } - ] - } -} + } + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6490747", + "name": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" + }, + { + "title": "X-Force Vulnerability Report", + "name": "ibm-tivoli-cve202129811-info-disc (204329)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204329" + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "U", + "RL": "O", + "E": "U" + }, + "BM": { + "S": "U", + "UI": "N", + "A": "N", + "SCORE": "4.900", + "AC": "L", + "AV": "N", + "I": "N", + "C": "H", + "PR": "H" + } + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials in plain clear text which can be read by an authenticated admin user. IBM X-Force ID: 204329." + } + ] + }, + "data_type": "CVE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29811", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-09-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com" + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29817.json b/2021/29xxx/CVE-2021-29817.json index 10759902a74..c80e3df053a 100644 --- a/2021/29xxx/CVE-2021-29817.json +++ b/2021/29xxx/CVE-2021-29817.json @@ -1,90 +1,90 @@ { - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ID" : "CVE-2021-29817", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-09-19T00:00:00" - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } - ] - } - ] - }, - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204343." - } - ] - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2021-29817", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-09-19T00:00:00" + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - }, - "product_name" : "Tivoli Netcool/OMNIbus" - } - ] - } + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "BM" : { - "UI" : "R", - "A" : "N", - "SCORE" : "5.400", - "S" : "C", - "C" : "L", - "PR" : "L", - "AC" : "L", - "AV" : "N", - "I" : "L" - }, - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "H" - } - } - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6490747", - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" - }, - { - "name" : "ibm-tivoli-cve202129817-xss (204343)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204343", - "refsource" : "XF" - } - ] - } -} + ] + }, + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204343." + } + ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + }, + "product_name": "Tivoli Netcool/OMNIbus" + } + ] + } + } + ] + } + }, + "impact": { + "cvssv3": { + "BM": { + "UI": "R", + "A": "N", + "SCORE": "5.400", + "S": "C", + "C": "L", + "PR": "L", + "AC": "L", + "AV": "N", + "I": "L" + }, + "TM": { + "RC": "C", + "RL": "O", + "E": "H" + } + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6490747", + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" + }, + { + "name": "ibm-tivoli-cve202129817-xss (204343)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204343", + "refsource": "XF" + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29818.json b/2021/29xxx/CVE-2021-29818.json index 2e2a49ae056..2bd54050469 100644 --- a/2021/29xxx/CVE-2021-29818.json +++ b/2021/29xxx/CVE-2021-29818.json @@ -1,90 +1,90 @@ { - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "H", - "RC" : "C", - "RL" : "O" - }, - "BM" : { - "SCORE" : "5.400", - "A" : "N", - "UI" : "R", - "S" : "C", - "PR" : "L", - "C" : "L", - "I" : "L", - "AV" : "N", - "AC" : "L" - } - } - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6490747" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204345", - "refsource" : "XF", - "name" : "ibm-tivoli-cve202129818-xss (204345)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Tivoli Netcool/OMNIbus", - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "impact": { + "cvssv3": { + "TM": { + "E": "H", + "RC": "C", + "RL": "O" + }, + "BM": { + "SCORE": "5.400", + "A": "N", + "UI": "R", + "S": "C", + "PR": "L", + "C": "L", + "I": "L", + "AV": "N", + "AC": "L" } - ] - } - }, - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204345." - } - ] - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } + } + }, + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6490747" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204345", + "refsource": "XF", + "name": "ibm-tivoli-cve202129818-xss (204345)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Tivoli Netcool/OMNIbus", + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-29818", - "STATE" : "PUBLIC" - } -} + } + }, + "data_type": "CVE", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204345." + } + ] + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] + } + ] + }, + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2021-09-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-29818", + "STATE": "PUBLIC" + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29819.json b/2021/29xxx/CVE-2021-29819.json index d9b2bc4e01d..06bcedc428d 100644 --- a/2021/29xxx/CVE-2021-29819.json +++ b/2021/29xxx/CVE-2021-29819.json @@ -1,90 +1,90 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - }, - "product_name" : "Tivoli Netcool/OMNIbus" - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "L", - "C" : "L", - "I" : "L", - "AV" : "N", - "AC" : "L", - "SCORE" : "5.400", - "A" : "N", - "UI" : "R", - "S" : "C" - }, - "TM" : { - "E" : "H", - "RC" : "C", - "RL" : "O" - } - } - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6490747", - "name" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204346", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-tivoli-cve202129819-xss (204346)" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204346." - } - ] - }, - "data_type" : "CVE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "STATE" : "PUBLIC", - "ID" : "CVE-2021-29819" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + }, + "product_name": "Tivoli Netcool/OMNIbus" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_format" : "MITRE" -} + } + }, + "impact": { + "cvssv3": { + "BM": { + "PR": "L", + "C": "L", + "I": "L", + "AV": "N", + "AC": "L", + "SCORE": "5.400", + "A": "N", + "UI": "R", + "S": "C" + }, + "TM": { + "E": "H", + "RC": "C", + "RL": "O" + } + } + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6490747", + "name": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204346", + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-tivoli-cve202129819-xss (204346)" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204346." + } + ] + }, + "data_type": "CVE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-09-19T00:00:00", + "STATE": "PUBLIC", + "ID": "CVE-2021-29819" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29820.json b/2021/29xxx/CVE-2021-29820.json index 0619161eb14..f9f8b5744d4 100644 --- a/2021/29xxx/CVE-2021-29820.json +++ b/2021/29xxx/CVE-2021-29820.json @@ -1,90 +1,90 @@ { - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204347." - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "H" - }, - "BM" : { - "C" : "L", - "PR" : "L", - "AC" : "L", - "AV" : "N", - "I" : "L", - "UI" : "R", - "A" : "N", - "SCORE" : "5.400", - "S" : "C" - } - } - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", - "name" : "https://www.ibm.com/support/pages/node/6490747", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6490747" - }, - { - "name" : "ibm-tivoli-cve202129820-xss (204347)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204347" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_type": "CVE", + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Tivoli Netcool/OMNIbus", - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - } - } - ] - } + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204347." } - ] - } - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "RC": "C", + "E": "H" + }, + "BM": { + "C": "L", + "PR": "L", + "AC": "L", + "AV": "N", + "I": "L", + "UI": "R", + "A": "N", + "SCORE": "5.400", + "S": "C" + } + } + }, + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", + "name": "https://www.ibm.com/support/pages/node/6490747", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6490747" + }, + { + "name": "ibm-tivoli-cve202129820-xss (204347)", + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204347" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Tivoli Netcool/OMNIbus", + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + } + } + ] + } + } ] - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ID" : "CVE-2021-29820", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-09-19T00:00:00" - }, - "data_version" : "4.0" -} + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2021-29820", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-09-19T00:00:00" + }, + "data_version": "4.0" +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29821.json b/2021/29xxx/CVE-2021-29821.json index 958ac2dab42..4d5da85508c 100644 --- a/2021/29xxx/CVE-2021-29821.json +++ b/2021/29xxx/CVE-2021-29821.json @@ -1,90 +1,90 @@ { - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } - ] - } - ] - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-29821", - "STATE" : "PUBLIC" - }, - "data_version" : "4.0", - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204348." - } - ] - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6490747", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", - "name" : "https://www.ibm.com/support/pages/node/6490747" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/204348", - "refsource" : "XF", - "name" : "ibm-tivoli-cve202129821-xss (204348)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "H", - "RC" : "C", - "RL" : "O" - }, - "BM" : { - "S" : "C", - "UI" : "R", - "A" : "N", - "SCORE" : "5.400", - "AC" : "L", - "AV" : "N", - "I" : "L", - "C" : "L", - "PR" : "L" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - }, - "product_name" : "Tivoli Netcool/OMNIbus" - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] } - ] - } - } -} + ] + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2021-09-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-29821", + "STATE": "PUBLIC" + }, + "data_version": "4.0", + "data_type": "CVE", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204348." + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6490747", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", + "name": "https://www.ibm.com/support/pages/node/6490747" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/204348", + "refsource": "XF", + "name": "ibm-tivoli-cve202129821-xss (204348)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "E": "H", + "RC": "C", + "RL": "O" + }, + "BM": { + "S": "C", + "UI": "R", + "A": "N", + "SCORE": "5.400", + "AC": "L", + "AV": "N", + "I": "L", + "C": "L", + "PR": "L" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + }, + "product_name": "Tivoli Netcool/OMNIbus" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29856.json b/2021/29xxx/CVE-2021-29856.json index b280fc8af9b..8d4f463c859 100644 --- a/2021/29xxx/CVE-2021-29856.json +++ b/2021/29xxx/CVE-2021-29856.json @@ -1,90 +1,90 @@ { - "data_version" : "4.0", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-09-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-29856", - "STATE" : "PUBLIC" - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "CVE_data_meta": { + "DATE_PUBLIC": "2021-09-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-29856", + "STATE": "PUBLIC" + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "8.1.0" - } - ] - }, - "product_name" : "Tivoli Netcool/OMNIbus" - } - ] - } + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "UI" : "N", - "SCORE" : "6.500", - "A" : "H", - "S" : "U", - "C" : "N", - "PR" : "L", - "AV" : "N", - "AC" : "L", - "I" : "N" - } - } - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6490747", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", - "name" : "https://www.ibm.com/support/pages/node/6490747" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/205685", - "refsource" : "XF", - "name" : "ibm-tivoli-cve202129856-dos (205685)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685." - } - ] - }, - "data_type" : "CVE" -} + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "8.1.0" + } + ] + }, + "product_name": "Tivoli Netcool/OMNIbus" + } + ] + } + } + ] + } + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + }, + "BM": { + "UI": "N", + "SCORE": "6.500", + "A": "H", + "S": "U", + "C": "N", + "PR": "L", + "AV": "N", + "AC": "L", + "I": "N" + } + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6490747", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6490747 (Tivoli Netcool/OMNIbus)", + "name": "https://www.ibm.com/support/pages/node/6490747" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/205685", + "refsource": "XF", + "name": "ibm-tivoli-cve202129856-dos (205685)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685." + } + ] + }, + "data_type": "CVE" +} \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38899.json b/2021/38xxx/CVE-2021-38899.json index 7de53ac041c..3b7b0f0c4b8 100644 --- a/2021/38xxx/CVE-2021-38899.json +++ b/2021/38xxx/CVE-2021-38899.json @@ -1,90 +1,90 @@ { - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", - "CVE_data_meta" : { - "ID" : "CVE-2021-38899", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-09-17T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6490435", - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6490435", - "title" : "IBM Security Bulletin 6490435 (Cloud Pak for Data)" - }, - { - "name" : "ibm-cp4d-cve202138899-info-disc (209575)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/209575" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "S" : "U", - "A" : "N", - "SCORE" : "4.400", - "UI" : "N", - "I" : "N", - "AC" : "L", - "AV" : "L", - "PR" : "H", - "C" : "H" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "2.5" - } - ] - }, - "product_name" : "Cloud Pak for Data" - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] } - ] - } - }, - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575." - } - ] - } -} + ] + }, + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2021-38899", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-09-17T00:00:00", + "ASSIGNER": "psirt@us.ibm.com" + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6490435", + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6490435", + "title": "IBM Security Bulletin 6490435 (Cloud Pak for Data)" + }, + { + "name": "ibm-cp4d-cve202138899-info-disc (209575)", + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209575" + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "S": "U", + "A": "N", + "SCORE": "4.400", + "UI": "N", + "I": "N", + "AC": "L", + "AV": "L", + "PR": "H", + "C": "H" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2.5" + } + ] + }, + "product_name": "Cloud Pak for Data" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "data_type": "CVE", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575." + } + ] + } +} \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41073.json b/2021/41xxx/CVE-2021-41073.json index 4abea9134d5..e06ba7bb03a 100644 --- a/2021/41xxx/CVE-2021-41073.json +++ b/2021/41xxx/CVE-2021-41073.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "refsource": "MLIST", + "name": "[oss-security] 20210918 Linux Kernel: Exploitable vulnerability in io_uring", + "url": "http://www.openwall.com/lists/oss-security/2021/09/18/2" + }, { "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2021/09/18/2", @@ -61,11 +66,6 @@ "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc" - }, - { - "refsource": "MISC", - "name": "https://twitter.com/HenkPoley/status/1439877969548390400", - "url": "https://twitter.com/HenkPoley/status/1439877969548390400" } ] }