admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-06-22 18:00:54 +00:00
parent 1be277464c
commit 19bcf9e49d
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 165 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2011/5xxx/CVE-2011-5034.json
View File

@ -81,6 +81,16 @@
"name": "http://www.ocert.org/advisories/ocert-2011-003.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2011-003.html"
},
{
"refsource": "MLIST",
"name": "[axis-java-dev] 20210622 [jira] [Updated] (AXIS2-6004) AXIS 2 1.7.9 geronimo jars with vulnerability CVE-2011-5034",
"url": "https://lists.apache.org/thread.html/r8dc1a0ae0e0cf9d2494b8cbd66562f99331c4cf635e7781850a9b9ba@%3Cjava-dev.axis.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[axis-java-dev] 20210622 [jira] [Created] (AXIS2-6004) AXIS 2 1.7.9 geronimo jars with vulnerability CVE-2011-5034",
"url": "https://lists.apache.org/thread.html/r20957aa5962a48328f199e2373f408aeeae601a45dd5275a195e2b6e@%3Cjava-dev.axis.apache.org%3E"
}
]
}

53
2021/22xxx/CVE-2021-22361.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22361",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "eCNS280;eSE620X vESS",
"version": {
"version_data": [
{
"version_value": "V100R005C00,V100R005C10"
},
{
"version_value": "V100R001C10SPC200,V100R001C20SPC200"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-cgp-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-cgp-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal service."
}
]
}

50
2021/22xxx/CVE-2021-22365.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22365",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "eSE620X vESS",
"version": {
"version_data": [
{
"version_value": "V100R001C10SPC200,V100R001C20SPC200,V200R001C00SPC300"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Possible Out-Of-Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-02-outbounds-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-02-outbounds-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal."
}
]
}

50
2021/22xxx/CVE-2021-22366.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22366",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "eSE620X vESS",
"version": {
"version_data": [
{
"version_value": "V100R001C10SPC200,V100R001C20SPC200,V200R001C00SPC300"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-03-dos-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210526-03-dos-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process, successful exploit could cause Denial of Service (DoS)."
}
]
}

7
2021/33xxx/CVE-2021-33506.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "jitsi-meet-prosody in Jitsi Meet before 5026 does not ensure that restrict_room_creation is set by default."
"value": "jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure that restrict_room_creation is set by default. This can allow an attacker to circumvent conference moderation."
}
]
},
@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "https://github.com/jitsi/jitsi-meet/compare/5025...5026",
"url": "https://github.com/jitsi/jitsi-meet/compare/5025...5026"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/jitsi/security-advisories/blob/master/advisories/JSA-2021-0001.md",
"url": "https://github.com/jitsi/security-advisories/blob/master/advisories/JSA-2021-0001.md"
}
]
}

9
2021/3xxx/CVE-2021-3044.json
View File

@ -79,7 +79,7 @@
"configuration": [
{
"lang": "eng",
"value": "This issue is applicable only to Cortex XSOAR configurations with active API key integrations.\n\nYou can determine whether your configuration is impacted by selecting Settings > Integration > API Keys from the Cortex XSOAR web client."
"value": "This issue is applicable only to Cortex XSOAR configurations with active API key integrations.\n\nYou can determine whether your configuration is impacted by selecting \u2018Settings > Integration > API Keys\u2019 from the Cortex XSOAR web client."
}
],
"credit": [
@ -95,7 +95,7 @@
"description_data": [
{
"lang": "eng",
"value": "An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API.\nThis issue impacts:\nCortex XSOAR 6.1.0 builds later than 1016923 and earlier than 1271064;\nCortex XSOAR 6.2.0 builds earlier than 1271065.\n\nThis issue does not impact Cortex XSOAR 5.5.0, Cortex XSOAR 6.0.0, Cortex XSOAR 6.0.1, or Cortex XSOAR 6.0.2 versions.\nAll Cortex XSOAR instances hosted by Palo Alto Networks are upgraded to resolve this vulnerability. No additional action is required for these instances."
"value": "An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. This issue impacts: Cortex XSOAR 6.1.0 builds later than 1016923 and earlier than 1271064; Cortex XSOAR 6.2.0 builds earlier than 1271065. This issue does not impact Cortex XSOAR 5.5.0, Cortex XSOAR 6.0.0, Cortex XSOAR 6.0.1, or Cortex XSOAR 6.0.2 versions. All Cortex XSOAR instances hosted by Palo Alto Networks are upgraded to resolve this vulnerability. No additional action is required for these instances."
}
]
},
@ -139,8 +139,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2021-3044"
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3044",
"name": "https://security.paloaltonetworks.com/CVE-2021-3044"
}
]
},